On Mon, Oct 31, 2011 at 3:51 PM, Junio C Hamano <gitster@xxxxxxxxx> wrote: > > Some cut-and-paste (or piping the e-mail to a command) would be necessary > evil, though, as you would have GPG keys from more than one trusted person > in your keyring, and when you are responding to a pull-request from person > A, finding a valid commit signed by person B should not be a success, but > at least should raise a warning. Why? The signer of the message needs to be printed out *anyway*. I can match that up with the pull request, the same way I already match up diffstat information. So any extra cut-and-paste is (a) stupid, (b) unnecessary and (c) annoying. It's also "bad user interface". The whole point is that we should make the user interface *good*. Which means that the pushing side should only need to add a "-s" to ask for signing, have to type his passphrase (and even that would go away when using gpg-agent or something), and perhaps a message (which would not be about the signing, but about something that could be added to the merge commit. And the receiving side would just do the "git pull" and automatically just get notified that "Yes, this push has been signed by key Xyz Abcdef" Linus -- To unsubscribe from this list: send the line "unsubscribe linux-ide" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html