We noticed this when trying to use Git to make a signed push with push options to a server using JGit (which rejects such pushes because the Git client makes requests that are, strictly speaking, incompatible with the documented protocol). There have been several commits (see the commits linked in the commit messages of the patches sent in reply to this e-mail) to support push options (that are read by receive hooks) when using "git push", but the interaction between push options and signed pushes are not very clear. Here are some patches (containing both code and documentation) that clarify this interaction. I would appreciate a review of this - if we could make the protocol clear, we could then update JGit to use the updated protocol and be no longer incompatible with existing Git clients. Jonathan Tan (3): docs: correct receive.advertisePushOptions default receive-pack: verify push options in cert protocol docs: explain receive-pack push options Documentation/config.txt | 5 ++-- Documentation/git-receive-pack.txt | 10 +++++++ Documentation/technical/pack-protocol.txt | 32 ++++++++++++++++---- builtin/receive-pack.c | 49 ++++++++++++++++++++++++++++--- t/t5534-push-signed.sh | 15 ++++++++++ 5 files changed, 98 insertions(+), 13 deletions(-) -- 2.13.0.rc1.294.g07d810a77f-goog