... sorry for an additional message. The patches I just sent were based on commit 876a6f4991abdd72ea707b193b4f2b831096ad3c (Update draft release notes to 1.7.9). I should have also added that the function verify_commit was tested via a compile-time option, but it is currently not used. Its purpose is to verify that the (new) digest header in commit messages is consistent with the commit's tree, parents, other headers, and the commit message. For authentication, one would want to sign the commit SHA-1 hash and the message digest for the commit (which is stored separate from the commit object). My patch doesn't do that, but there is a single function that can be called to look up the digest, if one is present (which may not be the case due to backwards compatibility issues) - I'd prefer to have someone familiar with the signature code make any changes. The version of Makefile in the patch turns off the commit message-digest header because some of the test scripts won't run with it, due to those encoding specific SHA-1 values and file lengths, but the test does run far enough to have created and used a number of commits. I didn't want to go to the trouble of updating the test scripts unless the patch is actually going to get used - updating the scripts is a bit tedious and you'd probably want to decide on the digest hash first. Bill -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html