On Tuesday, April 21, 2015 at 12:08:58 PM UTC+2, David Pursehouse wrote:In Gerrit there are separate permissions for pushing an Annotated Tag
and pushing a Signed Tag.
What is the reason for separating these into two different permissions?
Isn't a signed tag basically the same as an annotated tag, only having a
signature block appended to the message (annotation) part?
I think you're probably mixing up (cryptographically) signed tags (git tag -s) with siging-off a commit (git commit -s).
The latter really just adds a textual "Signed-off-by:" footer to the commit message whereas the first signs a tag with GnuPG. You can also sign commits with "git commit -S" (upper case S). So as the two are fundamentally different things, having separate permissions for each makes sense.
Regards,
Sebastian
--
--
To unsubscribe, email repo-discuss...@googlegroups.com
More info at http://groups.google.com/group/repo-discuss?hl=en
---
You received this message because you are subscribed to the Google Groups "Repo and Gerrit Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to repo-discuss...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
On Wed, Apr 22, 2015 at 8:17 PM Sebastian Schuberth <sschu...@gmail.com> wrote:On Tuesday, April 21, 2015 at 12:08:58 PM UTC+2, David Pursehouse wrote:In Gerrit there are separate permissions for pushing an Annotated Tag
and pushing a Signed Tag.
What is the reason for separating these into two different permissions?
Isn't a signed tag basically the same as an annotated tag, only having a
signature block appended to the message (annotation) part?
I think you're probably mixing up (cryptographically) signed tags (git tag -s) with siging-off a commit (git commit -s).No, this is nothing to do with signing-off commits.An annotated tag is made by `git tag -a` and then entering the message when prompted or `git tag -m 'message'`. A signed tag is made with `git tag -s` and optionally the `-a` or `-m` to include a message.In both cases the structure is the same, but the signed one has the gpg signature appended on the message field.