Michael J Gruber wrote: > Currently, git expects "-----BEGIN PGP SIGNATURE-----" at the beginning of a > signature. But gpg uses "MESSAGE" instead of "SIGNATURE" when used with > the "rfc1991" option. This leads to git's faling to verify it's own > signed tags. > > Be more lenient and take "-----BEGIN PGP " as the indicator. Another way to go might be to add --gnupg (or --openpgp) to the gpg options used for tagging. That overrides an option like rfc1991 in the gnupg config file. Whether that's preferable to accepting these older-style messages is debatable. Using rfc1991 implies pgp-2.x compatibility, which means using md5 as the algorithm. It could be seen as a weakness to accept such signatures. (Oh, and you probably saw this already, but s/faling/failing. ;) -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The best cure for insomnia is to get a lot of sleep. -- W.C. Fields
Attachment:
pgp0WfkRKNu_g.pgp
Description: PGP signature