[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PULL v3 00/14] acpi, pc, pci, virtio, memory bug fixes

From: Michael S. Tsirkin
Subject: Re: [Qemu-devel] [PULL v3 00/14] acpi, pc, pci, virtio, memory bug fixes
Date: Tue, 11 Mar 2014 14:22:07 +0200

On Tue, Mar 11, 2014 at 12:09:40PM +0000, Peter Maydell wrote:
> On 11 March 2014 11:49, Michael S. Tsirkin <address@hidden> wrote:
> > On Tue, Mar 11, 2014 at 11:32:41AM +0000, Peter Maydell wrote:
> >> That won't help with removing the warning. What gpg
> >> is saying here is "I found this key in the keyring,
> >> and the signature checks out, but there's no chain
> >> of trust between the person who applied the pull
> >> and that key". That is, I haven't signed your key.
> >
> > Okay ... would you like to sign it?
> > Didn't you go to the key signing party at the forum?
> > If yes you have all the data :)
> At the forum I only signed keys where the other
> person had been sufficiently organised to get their
> key onto the pre-printed list Anthony sent out and
> were clearly following the instructions. (Basically
> I wasn't expecting to be applying other peoples'
> pull requests at that time so it seemed sufficient
> to do a mutual signing with a reasonable number of
> developers.) I can't remember why I put a cross next to
> your name at this point, but obviously I can't sign
> your key now if I didn't choose to do so then; that
> would be breaking the whole point of doing in person
> checks.

I was on the list so not sure why, oh well.
But a chain of trust can still be established.
A bunch of people signed my key:
maybe you trust some of these keys?

> > But the commit log will include the warning forever I think?
> True, but does that matter?
> thanks
> -- PMM

I'm just saying that it's not nice to ignore warnings as a general
policy.  If they are benign I think it's better to find a way to
suppress them.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]