Mat Arge venit, vidit, dixit 22.10.2012 15:38:
> Hy!
> I would like to sign each commit with an X.509 certificate and a private key
> stored on a PKCS#11 token. I assume that that should be possible somehow
> using a hook which calls openssl. Does somebody know a working
> implementation of this?
> cheers
> Mat

In principle, we have an almost pluggable architecture. See for example
the latter part of the 2nd post in

Unless you want to change git itself, you're probably better off storing
your non-gpg signatures in a note (or a self-created signed tag). To
sign the commit rev, you could sign the output of "git cat-file commit
rev" (or of "git rev-parse rev") and store that signature in a note on
that commit. To verify, you verify the note against the commit.
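
One way to script the note-based approach described in the reply above, as an added example that is not part of the original thread. The notes ref name and the function names are hypothetical, and a PEM key file stands in for the PKCS#11 token key (with a token, the signing step would go through OpenSSL's PKCS#11 engine or provider instead).

```shell
#!/bin/sh
# Added example: detached X.509 signatures for commits, kept in git notes.
# Assumptions (not from the thread): the notes ref name below, and a PEM
# key file in place of a key held on a PKCS#11 token.
NOTES_REF=x509-signatures   # hypothetical notes ref

# sign_commit <rev> <private-key.pem>
# Signs the raw commit object (tree, parents, author, committer, message)
# and stores the base64-encoded signature as a note on that commit.
sign_commit() {
    sha=$(git rev-parse --verify "$1^{commit}") || return 1
    tmp=$(mktemp) || return 1
    git cat-file commit "$sha" | openssl dgst -sha256 -sign "$2" -out "$tmp" &&
        openssl base64 -e -in "$tmp" |
        git notes --ref="$NOTES_REF" add -f -F - "$sha"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# verify_commit <rev> <signer-cert.pem>
# Verifies the note against the commit with the certificate's public key.
# This does not validate the certificate chain or expiry; check the
# certificate itself separately before trusting its key.
verify_commit() {
    sha=$(git rev-parse --verify "$1^{commit}") || return 1
    dir=$(mktemp -d) || return 1
    openssl x509 -in "$2" -noout -pubkey > "$dir/pub.pem" &&
        git notes --ref="$NOTES_REF" show "$sha" |
        openssl base64 -d -out "$dir/sig" &&
        git cat-file commit "$sha" |
        openssl dgst -sha256 -verify "$dir/pub.pem" \
            -signature "$dir/sig" >/dev/null
    rc=$?
    rm -rf "$dir"
    return $rc
}
```

Because the signature covers the commit object itself, a note copied onto a different commit fails verification, and an amended or rebased commit gets a new id with no note attached.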

