17 Mar
2005
17 Mar
'05
1:35 p.m.
On Thu, 17 Mar 2005, Stefan Reinauer wrote:
It is enough to use ssh. THOUGH: It is highly recommended that you sign the commits so that the origin can be verified. (ie otherwise I could in theory fake a commit done by you)
to make sure I understand: if I have a gpgkey, then the commit process will automagically ensure that it is signed, which is not the case for sshkey?
ron