Introduction
“Hey, Stefan, can you please push your changes to the Git repository?” - asked my colleague.
“and make sure you sign your commits with GPG!” - he added.
“Sure, I will do that!” - I replied. But wait a minute, what is GPG signing? And why should I use it?
PGP (Pretty Good Privacy) was initially developed by Phil Zimmermann in 1991 as a commercial product and was designed
as a way to encrypt and decrypt email messages. In 1997, it was released as an open-source standard called OpenPGP and
since then the OpenPGP became industry standard specification that was implemented by many software vendors, with the most
popular implementation being GPG which stands for GNU Privacy Guard. GPG became popular mainly because it was free
and open-source, had a community fixing bugs, it was available on multiple platforms (Linux, Windows, MacOS, etc.) and
supported a range of cryptographic operations (encryption, decryption, signing, verification, key management, etc.)
