summaryrefslogtreecommitdiff
path: root/Documentation
diff options
context:
space:
mode:
authorMichael J Gruber <git@drmicha.warpmail.net>2016-06-17 07:46:08 (GMT)
committerJunio C Hamano <gitster@pobox.com>2016-06-17 18:39:05 (GMT)
commit76f9d8bac8138d4c0caac02983ef4df7f9a51cba (patch)
treee73982f6e6c60500d750952a42c607b1ee137dec /Documentation
parent05219a1276341e72d8082d76b7f5ed394b7437a4 (diff)
downloadgit-76f9d8bac8138d4c0caac02983ef4df7f9a51cba.zip
git-76f9d8bac8138d4c0caac02983ef4df7f9a51cba.tar.gz
git-76f9d8bac8138d4c0caac02983ef4df7f9a51cba.tar.bz2
Documentation/technical: describe signature formats
We use different types of signature formats in different places. Set up the infrastructure and overview to describe them systematically in our technical documentation. Signed-off-by: Michael J Gruber <git@drmicha.warpmail.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'Documentation')
-rw-r--r--Documentation/Makefile1
-rw-r--r--Documentation/technical/signature-format.txt17
2 files changed, 18 insertions, 0 deletions
diff --git a/Documentation/Makefile b/Documentation/Makefile
index 35c1385..b43d66e 100644
--- a/Documentation/Makefile
+++ b/Documentation/Makefile
@@ -76,6 +76,7 @@ TECH_DOCS += technical/protocol-common
TECH_DOCS += technical/racy-git
TECH_DOCS += technical/send-pack-pipeline
TECH_DOCS += technical/shallow
+TECH_DOCS += technical/signature-format
TECH_DOCS += technical/trivial-merge
SP_ARTICLES += $(TECH_DOCS)
SP_ARTICLES += technical/api-index
diff --git a/Documentation/technical/signature-format.txt b/Documentation/technical/signature-format.txt
new file mode 100644
index 0000000..fda4fb8
--- /dev/null
+++ b/Documentation/technical/signature-format.txt
@@ -0,0 +1,17 @@
+Git signature format
+====================
+
+== Overview
+
+Git uses cryptographic signatures in various places, currently objects (tags,
+commits, mergetags) and transactions (pushes). In every case, the command which
+is about to create an object or transaction determines a payload from that,
+calls gpg to obtain a detached signature for the payload (`gpg -bsa`) and
+embeds the signature into the object or transaction.
+
+Signatures always begin with `-----BEGIN PGP SIGNATURE-----`
+and end with `-----END PGP SIGNATURE-----`, unless gpg is told to
+produce RFC1991 signatures which use `MESSAGE` instead of `SIGNATURE`.
+
+The signed payload and the way the signature is embedded depends
+on the type of the object resp. transaction.