On Tue, Jun 3, 2025 at 12:17 AM brian m. carlson <sandals@xxxxxxxxxxxxxxxxxxxx> wrote: > > On 2025-05-26 at 10:33:08, Christian Couder wrote: > > brian m. carlson however replied that it would be better to show two > > pieces of information instead of one: one for the hash algorithm and > > one for the protocol. > > Actually, what I was saying is that we should have one for the hash > algorithm that is used in the Git object. I don't care about the hash > algorithm used in OpenPGP, X.509, or OpenSSH (that is, whether it's > signed with SHA-512 or SHA-256), but we can have multiple signatures in > a single commit such that there's both a SHA-1 signature and a SHA-256 > signature. Thanks for clarifying. I think that's what I implemented in v3 and v4.
