[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [jgit-dev] Tag Signing?
- From: Chris Aniszczyk <caniszczyk@xxxxxxxxx>
- Date: Wed, 25 May 2011 08:26:49 -0500
- Delivered-to: email@example.com
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=TP16Qjb7B4TfjbDkTzhi/QVc3SdmqwKeoGdOakKIUilV1ihqPsC74fesxBNUN4tfit uoxr7AsL5CJHw47eTCkRpvzX0mz69dE3o08yUyajsOwZSy1ewRqQ9sxP01XsaSUlQtpL 3V5F2e6FCRU89LDFsPpS2+36qjD2grcl+Huz0=
On Wed, May 25, 2011 at 8:09 AM, Matthias Sohn
> We have a pending CQ for Bouncy Castle , if we get approval to use that
> we should go this path. We would be happy to see your contributions on
> this topic. As long as the CQ isn't approved we can't submit a bouncy castle
> based implementation.
Bouncycastle has some interesting provenance issues that has caused
the Eclipse IP team some grief in the past. I hope when they look at
it again, it will be less of an issue this time around. However, this
won't be done until after Indigo due to the IP backlog (hence, post
> Another possibility would be to enable use of an external GPG implementation
> by forking another process similar to what we have to enable using an
> external SSH implementation (see jgit commit 22e720ce).
This seems like the best approach for now if people want this
functionality sooner than later.
+1 512 961 6719