Thanks so much for taking the time to comment.  

On Fri, Jun 26, 2015 at 7:44 AM, Remi Collet <> wrote:
I strongly believe the "commit hash" method should be preferred as in
the current Guidelines (and obviously not a "last solution")

The order that a method appears doesn't denote a preference in and of itself.  
Please help me understand something.  Why are you so concerned about the
use of Git Tags?  I have included text which clearly states that if the packager
believes that re-tagging is being used, he MUST follow a specific procedure
to resolve that issue.  If there is a problem with the archive the checksum 
won't match.  What is the harm if we later find that upstream did re-tag?  
The archive with the embedded commit information is already in the srpm.  
The act of re-tagging can't change that.  We always know the commit hash
version of that archive.
About the "Git Submodules",
I think this is directly conflicting with the "no bundled" Guidelines.
The fact that upstream uses the submodule capability doesn't mean that
the code within that submodule is a bundled library.  If it is found to be, then
of course the "No Bundled Libraries" guideline would apply.