[PATCH] build: sign tarball instead of sha256sum

David Bremner david at tethera.net
Fri Mar 15 06:50:34 PDT 2019

Adam Majer <amajer at suse.de> writes:

> The (my?) expectation is that a *.asc file is a detached signature. 
> That's why GPG is warning when it is not a detached signature. But I can 
> live with .sha256.asc if there is no .sha256 ;)

Right, aren't detached signatures preferred in general? Or am I
misremembering some gpg folklore?


More information about the notmuch mailing list