Bug#1091868: debian-policy: Document Git-Tag-Tagger and Git-Tag-Info fields

[Ian Jackson <ijackson@chiark.greenend.org.uk>]

Sean Whitton writes ("Re: Bug#1091868: debian-policy: Document Git-Tag-Tagger and Git-Tag-Info fields"):
> It's from the VALIDSIG line as documented here:
> <https://github.com/gpg/gnupg/blob/master/doc/DETAILS>.
> 
> The text there doesn't guarantee that the fingerprint will be the
> signing subkey, if there is one, but somewhat implies that it will be.
> 
> I'm not sure we want to tie ourselves down in the way that you are
> suggesting.  What do you think, Ian

How about we just reference that?  (I know we're trying to get away
from gnupg, but I don't want to get hung up on this, here.)

Ian.

-- 
Ian Jackson <ijackson@chiark.greenend.org.uk>   These opinions are my own.  

Pronouns: they/he.  If I emailed you from @fyvzl.net or @evade.org.uk,
that is a private address which bypasses my fierce spamfilter.