message no. 177461
Posted by shrysr in #github at 2020-03-01T22:49:03Z
Is this correct w.r.t gpg signing of commits : I upload to gh my public key, sign a commit locally with private and this is crypto verified by gh? Say I dont believe GH - I can still manually verify the sign with the public key of the person who commits?