Hacker News new | past | comments | ask | show | jobs | submit login

It's just ignored. The signing data is added in the same way as a GPG key, just in a different format. Git commands don't look at signatures by default, and if they do, they will just say "invalid signing format" or some such.

It's always possible some program handles this badly, but I've been signing with ssh pretty much since the day it was added to git (before it was in a release) and never experienced any problems or complaints.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: