<div dir="ltr"><br><br><div class="gmail_quote"><div dir="ltr">On Fri, 23 Feb 2018 at 14:01 Roberto C. Sánchez <<a href="mailto:roberto@debian.org">roberto@debian.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">[...] Based on that, signing the<br>
tag when importing a new .orig.tar.gz is sufficient.<br>
<br><br></blockquote><div>Thank you for the information. </div><div>This information opens the way forward to proceed with this.</div><div>I had tried a lot of things to make "gbp import-orig" to sign the commits too, but none of that worked, and I was about to include a ".gitconfig" with the original tarball, if that would help, but won't proceed this way anymore.</div><div><br></div></div></div>