Jonathan Nieder <jrnieder@xxxxxxxxx> writes: > The NewHash-based signature is included in the SHA-1 content as well, > for the sake of round-tripping. It is not stripped out. Ah, OK, that allays my worries. We rely on the fact that unknown object headers from the future are ignored. We use something other than "gpgsig" header (say, "gpgsigN") to store NewHash based signature on a commit object created in the NewHash world, so that SHA-1 clients will ignore it but still include in the signature computation---is that the idea? Existing versions of Git that live in the SHA-1 world may still need to learn to ignore/drop "gpgsigN" while amending a commit that originally was created in the NewHash world. Or to force upgrade we may freeze the SHA-1 only versions of Git and stop updating them altogether. I dunno. We also need to use something other than "mergetag" when carrying over the contents of a tag being merged in the NewHash world, but I'd imagine that you've thought about this already. Thanks.
