We use git to manage a config management repository for some servers. We have tens of signed commits a day; all get deployed. The logic on each host is roughly "is signed by sysadmin key and is more recent than currently-deployed version".

Also, what is all this about "GPG"? The protocol is OpenPGP. A particular implementation is GnuPG / gpg. It is completely mad that this implementation detail is in the interface specs for git, such as --gpg-sign for git-commit(1). It is an indictment of a lack of appreciation of the relationship between interfaces and implementations, and the importance of proper treatment thereof. If Bob creates Bob's git compatible program, and he happens to use Bob's OpenPGP implementation, his compatible option for git-commit(1) still has to be called "--gpg-sign". Madness.

Tom.
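The per-host rule described in the post ("signed by sysadmin key and more recent than the currently deployed version") can be written as a small deploy-side check. The script below is an added example, not code from the post or from any project it mentions. It assumes a POSIX shell with git on the PATH, and it makes two choices worth noting: the allowlisted signer fingerprints are placeholders, and "more recent" is implemented as "is a descendant of the deployed commit" (via `git merge-base --is-ancestor`) rather than a comparison of commit timestamps, because committer dates are set by whoever created the commit and a signed-but-stale commit could otherwise be replayed to roll a host back. The demo repository it builds contains unsigned commits, so the signature check is expected to reject them.

```shell
#!/bin/sh
# Added example: deploy-side acceptance check for a signed config repo.
# Not the original poster's code. Fingerprints below are placeholders.

# Allowlisted signer fingerprints, space separated (placeholder value;
# real fingerprints come from the sysadmin keys actually in use).
ALLOWED_FPRS="${ALLOWED_FPRS:-0000000000000000000000000000000000000000}"

# is_descendant REPO DEPLOYED CANDIDATE
# Succeeds when CANDIDATE equals DEPLOYED or descends from it. History is
# used instead of commit dates because dates are untrusted input.
is_descendant() {
    git -C "$1" merge-base --is-ancestor "$2" "$3"
}

# signature_ok REPO COMMIT
# Succeeds only when git reports a good signature (%G? is "G") made by a
# key whose fingerprint (%GF) is in ALLOWED_FPRS. Any other status
# (unsigned, bad, expired, unknown key) is rejected.
signature_ok() {
    r=$1
    c=$2
    status=$(git -C "$r" log -1 --format='%G? %GF' "$c") || return 1
    set -- $status
    [ "$1" = "G" ] || return 1
    [ -n "$2" ] || return 1
    case " $ALLOWED_FPRS " in
        *" $2 "*) return 0 ;;
        *) return 1 ;;
    esac
}

# should_deploy REPO DEPLOYED CANDIDATE
# Both conditions from the post, combined.
should_deploy() {
    signature_ok "$1" "$3" && is_descendant "$1" "$2" "$3"
}

# make_demo_repo: builds a throwaway repository with two unsigned commits
# (constructed demo data) and prints its path.
make_demo_repo() {
    d=$(mktemp -d)
    git -c init.defaultBranch=main init -q "$d"
    git -C "$d" config user.email "demo@example.invalid"
    git -C "$d" config user.name "demo"
    git -C "$d" config commit.gpgsign false
    echo a > "$d/conf" && git -C "$d" add conf && git -C "$d" commit -q -m "first"
    echo b > "$d/conf" && git -C "$d" commit -q -am "second"
    echo "$d"
}

# Stand-alone run: the candidate is newer than the deployed revision but
# unsigned, so it is rejected.
demo=$(make_demo_repo)
deployed=$(git -C "$demo" rev-parse HEAD~1)
candidate=$(git -C "$demo" rev-parse HEAD)
if should_deploy "$demo" "$deployed" "$candidate"; then
    echo "deploy $candidate"
else
    echo "reject $candidate (unsigned demo commit, or not a descendant of $deployed)"
fi
rm -rf "$demo"
```

On a real host, `ALLOWED_FPRS` would hold the sysadmin key fingerprints and `git verify-commit` (or the `%G?`/`%GF` fields used here) would be backed by a keyring that contains only those keys; the ancestry check is what keeps an older signed revision from being redeployed over a newer one.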