Re: please use signed git commits (and tags)

Vincent Danjean Sun, 24 May 2015 13:58:47 -0700

Le 24/05/2015 13:02, Thomas Koch a écrit :
> - Tell git what key to use:
> 
> git config --global user.signingkey $YOURKEYID
> 
> - sign one commit: git commit --gpg-sign
> 
> - always sign all commits:
> 
> git config --global commit.gpgsign true
> 
> - Verifiy commits
> 
> git log --show-signature


What will occur when the signing key expires or must be revoked ?

Is the signature checked for validity at the date of the commit or
at the date of the verification?

  Regards
    Vincent

-- 
Vincent Danjean       GPG key ID 0xD17897FA         vdanj...@debian.org
GPG key fingerprint: 621E 3509 654D D77C 43F5  CA4A F6AE F2AF D178 97FA
Unofficial pkgs: http://moais.imag.fr/membres/vincent.danjean/deb.html
APT repo:  deb http://people.debian.org/~vdanjean/debian unstable main


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/55623b4d.1000...@free.fr

Re: please use signed git commits (and tags)

Reply via email to