On Fri, Jun 06, 2014 at 04:15:28PM +0200, Michael J Gruber wrote:

> Commit signatures can be verified using "git show -s --show-signature"
> or the "%G?" pretty format and parsing the output, which is well suited
> for user inspection, but not for scripting.
>
> Provide a command "verify-commit" which is analogous to "verify-tag": It
> returns 0 for good signatures and non-zero otherwise, has the gpg output
> on stderr and (optionally) the commit object on stdout, sans the
> signature, just like "verify-tag" does.
>
> Signed-off-by: Michael J Gruber <git@xxxxxxxxxxxxxxxxxxxx>

I think the general direction of this series is reasonable. Did you give
any thought to just having a "git verify" command, instead of separate
tag/verify commands?

Another thought, that may be orthogonal to your series: what does it mean
to verify a commit? We check for _some_ signature from a key that is in
your keyring. But we do not check whether the signature matches the
committer field (or for tags, the tagger field). You have to parse the
gpg output, run "git cat-file", and then correlate the two.

Should there be an option to have git check that one of the signed uids
from gpg matches the commit's committer?

-Peff
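The correlation step Peff describes (parse the gpg status output, read the commit object, and check that a signing uid matches the committer field) as an added example; this is not code from the thread or from git itself. The gpg `GOODSIG` status-line shape is real, while the status text and commit object below are constructed samples.

```python
import re

# Real gpg --status-fd line shape: "[GNUPG:] GOODSIG <long key id> <user id>"
GOODSIG_RE = re.compile(r"^\[GNUPG:\] GOODSIG [0-9A-Fa-f]+ (.*)$", re.M)
EMAIL_RE = re.compile(r"<([^<>]+)>")

# Constructed sample of what gpg writes to its status fd for a good signature.
SAMPLE_STATUS = (
    "[GNUPG:] NEWSIG\n"
    "[GNUPG:] GOODSIG 0123456789ABCDEF Example Dev <dev@example.com>\n"
    "[GNUPG:] TRUST_ULTIMATE\n"
)

# Constructed commit object with the gpgsig header already stripped,
# i.e. the form "verify-commit" would print on stdout.
SAMPLE_COMMIT = (
    "tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904\n"
    "author Example Dev <dev@example.com> 1402064128 +0200\n"
    "committer Example Dev <dev@example.com> 1402064128 +0200\n"
    "\n"
    "verify-commit: add a scriptable signature check\n"
)


def signer_emails(status):
    """Collect the e-mail address of every uid gpg reported a GOODSIG for.

    A BADSIG or no signature at all yields an empty set, so the final
    check below fails closed in those cases.
    """
    emails = set()
    for uid in GOODSIG_RE.findall(status):
        m = EMAIL_RE.search(uid)
        if m:
            emails.add(m.group(1).lower())
    return emails


def committer_email(commit):
    """Return the <email> from the committer header of a raw commit object."""
    header = commit.split("\n\n", 1)[0]  # headers end at the first blank line
    for line in header.splitlines():
        if line.startswith("committer "):
            m = EMAIL_RE.search(line)
            return m.group(1).lower() if m else None
    return None


def signer_matches_committer(status, commit):
    """True only if a good signature exists AND one of its uids is the committer."""
    return committer_email(commit) in signer_emails(status)
```

Running the check against a commit whose committer differs from every signing uid returns False even when gpg itself reports GOODSIG, which is exactly the gap the reply points out.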