On Mon, Jul 09, 2012 at 11:31:15PM -0700, Thomas Ferris Nicolaisen wrote: > > Can we use Entrust Digital SW to sign tags and commits instead of gpg? > > > > Please guide me how to achieve this. > No, GPG is the only way of signing.
On the other hand, the gpg.program configuration option can be used to specify an alternative binary for signing. Supposedly if one is able to create such a binary wich wraps that "Entrust Digital SW" thing and mocks the way GPG works as expected by Git, this might in theory work. Another thing is, AFAIK a signed tag just has an ASCII representation of its GPG signature embedded into the tag object. Hence one could possibly try with creation/verification of signed tags using some external software which should provide signed tag of valid format. I'm inclined to think the most of Git is not concerned much which what exactly that signature bit contains unless Git is asked to verify it. -- You received this message because you are subscribed to the Google Groups "Git for human beings" group. To post to this group, send email to email@example.com. To unsubscribe from this group, send email to git-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/git-users?hl=en.