This document only explained PGP signatures, but Git now supports X.509 and SSH signatures. Signed-off-by: Gwyneth Morgan <gwymor@xxxxxxxxxx> --- Documentation/technical/signature-format.txt | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/Documentation/technical/signature-format.txt b/Documentation/technical/signature-format.txt index 166721be6f..c148d4c750 100644 --- a/Documentation/technical/signature-format.txt +++ b/Documentation/technical/signature-format.txt @@ -9,9 +9,22 @@ is about to create an object or transaction determines a payload from that, calls gpg to obtain a detached signature for the payload (`gpg -bsa`) and embeds the signature into the object or transaction. -Signatures always begin with `-----BEGIN PGP SIGNATURE-----` -and end with `-----END PGP SIGNATURE-----`, unless gpg is told to -produce RFC1991 signatures which use `MESSAGE` instead of `SIGNATURE`. +Signatures always begin and end with a delimiter, which differs +depending on signature type. + +PGP:: + Signatures begin with `-----BEGIN PGP SIGNATURE-----` and end + with `-----END PGP SIGNATURE-----`, unless gpg is told to + produce RFC1991 signatures which use `MESSAGE` instead of + `SIGNATURE`. + +SSH:: + Signatures begin with `-----BEGIN SSH SIGNATURE-----` and end + with `-----END SSH SIGNATURE-----`. + +X.509:: + Signatures begin with `-----BEGIN SIGNED MESSAGE-----` and end + with `-----END SIGNED MESSAGE-----`. Signatures sometimes appear as a part of the normal payload (e.g. a signed tag has the signature block appended after the payload
