On 2025-05-26 at 10:33:08, Christian Couder wrote:
> Around one month ago, I sent a patch that tried to improve on how `git
> fast-export` handled SSH and X.509 commit signatures:
>
> https://lore.kernel.org/git/20250424203904.909777-1-christian.couder@xxxxxxxxx/
>
> This patch was showing a single string for the hash algorithm with the
> following possible values:
>
> * "openpgp" for SHA-1 OpenPGP signatures,
>
> * "sha256" for SHA-256 OpenPGP signatures,
>
> * "x509" for X.509 (GPGSM) signatures,
>
> * "ssh", for SSH signatures,
>
> * "unknown" for signatures that can't be identified (a warning is
>   emitted).
>
> brian m. carlson however replied that it would be better to show two
> pieces of information instead of one: one for the hash algorithm and
> one for the protocol.

Actually, what I was saying is that we should have one for the hash
algorithm that is used in the Git object.  I don't care about the hash
algorithm used in OpenPGP, X.509, or OpenSSH (that is, whether it's signed
with SHA-512 or SHA-256), but we can have multiple signatures in a single
commit such that there's both a SHA-1 signature and a SHA-256 signature.
--
brian m. carlson (they/them)
Toronto, Ontario, CA
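The distinction drawn in the reply above, as an added example that is not part of the original message or of git's code: it reads a raw commit object and reports, for each signature, the Git object hash it covers and the signature format. The header names `gpgsig` and `gpgsig-sha256` and the armor lines come from git's commit object format rather than from this thread; the sample commit and the helper names are constructed.

```python
# Added example on constructed data; not code from git or from this thread.
OBJECT_HASH_BY_HEADER = {"gpgsig": "sha1", "gpgsig-sha256": "sha256"}
FORMAT_BY_ARMOR = [
    ("-----BEGIN PGP SIGNATURE-----", "openpgp"),
    ("-----BEGIN SIGNED MESSAGE-----", "x509"),
    ("-----BEGIN SSH SIGNATURE-----", "ssh"),
]

def parse_headers(raw_commit):
    """Return (key, value) pairs, unfolding space-prefixed continuation lines."""
    headers = []
    for line in raw_commit.split("\n"):
        if line == "":
            break  # first blank line ends the headers; the rest is the message
        if line.startswith(" ") and headers:
            key, value = headers[-1]
            headers[-1] = (key, value + "\n" + line[1:])
        else:
            key, _, value = line.partition(" ")
            headers.append((key, value))
    return headers

def classify_signatures(raw_commit):
    """Return one (object_hash, signature_format) pair per signature header."""
    found = []
    for key, value in parse_headers(raw_commit):
        if key in OBJECT_HASH_BY_HEADER:
            fmt = next((name for armor, name in FORMAT_BY_ARMOR
                        if value.startswith(armor)), "unknown")
            found.append((OBJECT_HASH_BY_HEADER[key], fmt))
    return found

def fold(key, value):
    """Encode a multi-line header value the way a commit object stores it."""
    return key + " " + value.replace("\n", "\n ")

# Constructed commit carrying two signatures; the payloads are placeholders.
SAMPLE_COMMIT = "\n".join([
    "tree " + "0" * 40,
    "author A U Thor <author@example.com> 1700000000 +0000",
    "committer A U Thor <author@example.com> 1700000000 +0000",
    fold("gpgsig", "-----BEGIN PGP SIGNATURE-----\n\nPLACEHOLDER\n-----END PGP SIGNATURE-----"),
    fold("gpgsig-sha256", "-----BEGIN SSH SIGNATURE-----\nPLACEHOLDER\n-----END SSH SIGNATURE-----"),
    "",
    "Constructed commit message",
])

if __name__ == "__main__":
    print(classify_signatures(SAMPLE_COMMIT))
```

The two fields vary independently: the header name fixes which object hash the signature was made over, while the armor line identifies the signing tool, so a single combined label cannot describe a commit like the sample.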