Todd Zullinger venit, vidit, dixit 05.10.2010 22:42: > Michael J Gruber wrote: >> Currently, git expects "-----BEGIN PGP SIGNATURE-----" at the beginning of a >> signature. But gpg uses "MESSAGE" instead of "SIGNATURE" when used with >> the "rfc1991" option. This leads to git's faling to verify it's own >> signed tags. >> >> Be more lenient and take "-----BEGIN PGP " as the indicator. > > Another way to go might be to add --gnupg (or --openpgp) to the gpg > options used for tagging. That overrides an option like rfc1991 in > the gnupg config file. > > Whether that's preferable to accepting these older-style messages is > debatable. Using rfc1991 implies pgp-2.x compatibility, which means > using md5 as the algorithm. It could be seen as a weakness to accept > such signatures. The problem is that we never did this, i.e. we always allowed people to create such signatures. They never verified, though, even though they were valid. If that's reason enough to discount the usual compatibility argument then adding --gnupg would be best. > (Oh, and you probably saw this already, but s/faling/failing. ;) :| Michael -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html