On Sun, Apr 13, 2025 at 07:17:26PM +0000, Klaus Frank wrote: > how do I get "git send-email" to send the patches gpg signed? You have to step back and ask what is the end-goal? Do you want repudiation/attestation for your own patches, or do you want to be able to verify that the patches sent to you by contributors are tamper-evident? On the kernel side of things, we've been using patatt [1], which supports PGP, SSH, and ed25519-signing of patches via a dedicated custom header, a-la DKIM. [1] https://github.com/mricon/patatt/blob/main/README.rst -K
