what exactly is git-tag looking for when you try to sign a tag?

what exactly is git-tag looking for when you try to sign a tag?

[Alan Chandler]

Since I reached my first release of my software this morning, I though I would 
try and get a bit more formal with things and attempted to sign the tag

Although I had tried gpg several years ago, I didn't seem to have any keys in 
my keyring, so I just generated a new one with 

gpg --gen-key

You can see a key listed with you check for secret keys

with gpg -K

but then I tried to generate a tag with 

git-tag -s v1.0

and it complained that I don't have any secret key available.

What exactly is the process of making one available?
-- 
Alan Chandler
http://www.chandlerfamily.org.uk
Open Source. It's the difference between trust and antitrust.

Re: what exactly is git-tag looking for when you try to sign a tag?

[Linus Torvalds]

On Sun, 15 Jan 2006, Alan Chandler wrote:
> 
> git-tag -s v1.0
> 
> and it complained that I don't have any secret key available.
> 
> What exactly is the process of making one available?

Do 

	gpg --list-secret-keys

to check what keys you have available to sign with.

Then, use

	git tag -u "key user name" v1.0

because what has _probably_ happened is that if you just use "-s" it will 
pick your "committer name" as the key identifier, and you probably made 
your keys using your real email or other identifier.

So "-u <username>" means the same thing as "-s", but with additionally 
specifying _which_ key it should use.

Alternatively, you should be able to just use "gpg --edit-key <keyname>" 
and then using "adduid" to add your git committer ID as a user of the key. 
At which point "git tag -s <tagname>" should just work, since gpg will be 
able to match up the keys automatically.

		Linus