On 2020-06-12 at 01:55:56, dwh@xxxxxxxxxxxxxxxxxxx wrote: > I now think even that proposal is overly complicated. I think the > easiest solution is to simply standardize the existing pipe-fork > interface as the way GPG talks to all signing tools. For signing tools > that have different command line interfaces than GPG, we can create > adapter scripts. Tools that want to be compatible can adapt. This becomes pretty tricky because Git parses OpenPGP headers in a variety of places (e.g., at the end of tags). If your proposal is to wrap new formats in a fake OpenPGP format, like some existing tools do, then that would be viable, but otherwise you're going to require either Git to know about your signing format specifically (which is not a sustainable approach) or some sort of configuration framework like has been previously discussed. If you're going to wrap things in a fake OpenPGP format, then you don't actually need to send any patches to Git at all; you can simply set gpg.program and continue. -- brian m. carlson: Houston, Texas, US OpenPGP: https://keybase.io/bk2204
Attachment:
signature.asc
Description: PGP signature
