Subject: Re: [boost] Boost 1.61.0 has been released
From: Michael Witten (mfwitten_at_[hidden])
Date: 2016-05-13 13:40:35

• Next message: Nevin Liber: "Re: [boost] Boost 1.61.0 has been released"
• Previous message: Seth: "Re: [boost] Boost 1.61.0 has been released"
• In reply to: Vladimir Prus: "Re: [boost] Boost 1.61.0 has been released"
• Next in thread: Nevin Liber: "Re: [boost] Boost 1.61.0 has been released"
• Reply: Nevin Liber: "Re: [boost] Boost 1.61.0 has been released"
• Reply: Tom Kent: "Re: [boost] Boost 1.61.0 has been released"

On Fri, May 13, 2016 at 4:54 PM, Vladimir Prus <vladimir.prus_at_[hidden]> wrote:

> Hi Michael,
>
> On Fri, May 13, 2016, 19:01 Michael Witten <mfwitten_at_[hidden]> wrote:
>>
>> On Fri, May 13, 2016 at 12:07 PM, Rene Rivera <grafikrobot_at_[hidden]>
>> wrote:
>>
>> > Release 1.61.0 of the Boost C++ Libraries is now available.
>>
>> No, it's not released yet.
>>
>> It's not released until there are associated with the files
>> immediately obvious digital signatures that can be verified with a
>> well known personal public key (like that of Vladimir Prus).
>>
>> Please, quit fscking around.
>
>
> Thanks for your reminder! The signed hashes file will be available later,
> most likely next Tuesday. Sadly, if you require this file before using
> 1.61.0, you would have to wait.
>
> That said, the definition a Boost release is made by release managers, it's
> not a universal law of physics. Presently, that definition does not include
> any digital signatures. The signatures I included with a couple of release
> candidates were an experiment to see how many people appear to care (the
> answer was one, Tom), and how complicated it is (the answer is that GPG is
> quite a mess, especially on Windows or if you do not want your master key on
> a random cloud server). No decison is made yet.
>
> You are welcome to push on this and make concrete suggestions, but the
> impact will be directly proportional to how polite your messages are worded.

So, because only Tom explicitly responded, it must be the case that
only Tom cared; it must be the case that only Tom will ever care.

Actually, Tom's emails are quite useful, because his own digital signature
compounds the confirmation of your digital signature.

I have made many concrete suggestions and I have been very polite;
it doesn't seem to do anything.

Your personal inability to find a convenient way to produce and present
digital signatures is irrelevant; they are something that *must* be done
in this day and age, and I cannot fathom why there is so much incredulity
about that fact.

Perhaps, Tom would be willing to take on the task of constructing the
files and/or composing the digital signatures, at least until some agreeable
release recipe can be established for other maintainers to follow mindlessly.

• Next message: Nevin Liber: "Re: [boost] Boost 1.61.0 has been released"
• Previous message: Seth: "Re: [boost] Boost 1.61.0 has been released"
• In reply to: Vladimir Prus: "Re: [boost] Boost 1.61.0 has been released"
• Next in thread: Nevin Liber: "Re: [boost] Boost 1.61.0 has been released"
• Reply: Nevin Liber: "Re: [boost] Boost 1.61.0 has been released"
• Reply: Tom Kent: "Re: [boost] Boost 1.61.0 has been released"