On Fri, Jun 26, 2015 at 9:29 PM, Kevin Fenzi <kevin@scrye.com> wrote:
Upstream might say: "oh, we fixed that and moved the tag", but then
what does the fedora maintainer do? v1-2? What do people reporting bugs
report against? How can you tell how long a security vulnerability has
been out if it was in v1?

Got it.  Thanks much for taking the time to explain that.  I changed the draft about
30 minutes ago to take out the references to re-tagging.  It was just complicating
things.  My main goal was to add information on submodules, make it a bit more
vendor neutral, and bring it up to date as far as Git was concerned.  The Git Tag 
section is now structured to make it easy to remove if required.