Git release tagging best practices

Bernhard Reiter bernhard at
Thu Mar 21 10:07:23 CET 2019

Am Mittwoch 20 März 2019 13:28:33 schrieb Daniel Kahn Gillmor:
> I wonder whether we "git tag -v" should raise an error if the tag name
> within the signature doesn't match the tag name being verified.

Here is an interesting writeup, which also compared git and Monotone SCM 
signing features:

As I understand it: hg can sign a specific state of the repository, but
this has other drawbacks. It is good to have some competition on distributed 
SCMs. >:)


--   +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part.
URL: <>

More information about the Gnupg-devel mailing list