On Mon, Jul 09, 2012 at 11:31:15PM -0700, Thomas Ferris Nicolaisen wrote:

> > Can we use Entrust Digital SW to sign tags and commits instead of gpg?
> >
> > Please guide me how to achieve this.
> No, GPG is the only way of signing.

On the other hand, the gpg.program configuration option can be used to
specify an alternative binary for signing.
Supposedly if one is able to create such a binary wich wraps that
"Entrust Digital SW" thing and mocks the way GPG works as expected by
Git, this might in theory work.

Another thing is, AFAIK a signed tag just has an ASCII representation
of its GPG signature embedded into the tag object.
Hence one could possibly try with creation/verification of signed tags
using some external software which should provide signed tag of valid
format.  I'm inclined to think the most of Git is not concerned much
which what exactly that signature bit contains unless Git is asked
to verify it.

You received this message because you are subscribed to the Google Groups "Git 
for human beings" group.
To post to this group, send email to git-users@googlegroups.com.
To unsubscribe from this group, send email to 
For more options, visit this group at 

Reply via email to