Signing .tar files during release process

Jelmer Vernooij jelmer at
Sat Mar 22 14:10:16 MDT 2014

At the moment we're GPG signing .tar files during the release. The
original reason (IIRC) for this was that we were publishing both .gz
and .bz2 compressed versions of the tarball, but we're no longer doing

Can we consider signing the .tar.gz file instead? This is more common
and it is what various tools (e.g. Debian's upstream source
checker) support.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <>

More information about the samba-technical mailing list