Signing back into the Community for the first time? You'll need to reset your password to access your account. Find out more.
Forum Discussion
GPG support? (like SSH)
Would it be possible to add similar support for GPG keys?
GPG/PGP offers various features for security & privacy. It supports keyservers (are there good methods/servers for doing that with SSH keys?), making it convenient to publish your key.
Additionally, it allows the use of revocation certificates and the creation of master and sub keys, which can be particularly beneficial for organizations. With GPG/PGP, you have the ability to sign commits, as well as sign and encrypt emails, text, individual files, and git commits.
Furthermore, GPG/PGP can be used to securely share credentials with others, even when using platforms or channels that may not prioritize privacy, using their pub key, obtained from e.g. keybase.
Finally, it's worth noting that while SSH keys can be used to sign git commits, the level of trust is not as meaningful as a GPG one, due to the absence of infrastructure like keybase, which verifies the authenticity of the signer.
