[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Commit pushed to master with unauthorised signature

From: Tobias Geerinckx-Rice
Subject: Re: Commit pushed to master with unauthorised signature
Date: Thu, 11 Mar 2021 15:59:16 +0100


So if I needed to send you encrypted mail, I'd have to possess all of your current GPG keys and encrypt to all of them? Thanks for the heads-up ;-) I'm not sure if that's how GPG is supposed to work (‘who does’, you say? fair point).

I do know that UIDs like ‘Jessie Doe (professional)’ are discouraged because people signing your key would (according to GPG logic) be vouching that you are, in fact, professional.

Anyway, you still need to make sure that *all* of your keys are available on Savannah. It seems they are but they've expired.

Taylan Kammer 写道:
I'm hopping workstations recently, and my general habit is to create new keys on each machine I'm using and register them where ever needed. (E.g. .ssh/authorized_keys on machines I access, GitHub account, etc.)

Makes good sense for SSH keys.

Kind regards,


Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]