Re: [Tails-l10n] OpenPGP-signed pull requests?

Delete this message

Reply to this message
Autor: drebs
Data:  
A: Tails localization discussion
Assumpte: Re: [Tails-l10n] OpenPGP-signed pull requests?
mercedes508 codificou 0.6K bytes:
> Hi,
>
> > after merging one more translation pull request, just by trusting the
> > From header, fingers crossed that if an attacker had been spoofing
> > this header to game us, then the person being spoofed would notice
> > before any user is harmed... I'm wondering:
> >
> > Would it sound crazy, too painful, or what, if we required l10n pull
> > requests to be OpenPGP-signed?


Does that mean that the emails we send requesting pulls should be pgp signed?
Or there would be any other way to make these pull requests?

> It sounds doable to me.


Also seems fine to me.