tangled.org
matrixfurry.com
NOTE: When I refer to signing keys, I'm talking about SSH signing keys, not PGP ones. I did not test any of this with PGP keys because I don't use them.
It would be very cool to be able to use my DID instead of an email for signed git commits on Tangled. Currently, if you try to use your DID in place of an email, commits will not show as signed on the Tangled AppView.
I would love to see signed commits work properly when using a DID. This already works properly in git itself when using an allowed signers file.
See https://tangled.org/@matrixfurry.com/tangled-testing/commit/7fc5f46be56527a2e16e852006b5cc4aac2ee9cb for an example. This commit does not show as properly signed on Tangled, but does in git:
* commit 7fc5f46be56527a2e16e852006b5cc4aac2ee9cb (HEAD -> main, origin/main)
| Good "git" signature for did:plc:zmjoeu3stwcn44647rhxa44o with ED25519 key SHA256:68a4335QUqf4PR8E4jmNMaKH1SIxm7r+LLY9m/8nc/s
| Author: @matrixfurry.com <did:plc:zmjoeu3stwcn44647rhxa44o>
| Date: Wed Sep 24 22:43:08 2025 -0500
|
| Test DID signing with user instead of author
|
| (+ signoff)
|
| Signed-off-by: @matrixfurry.com <did:plc:zmjoeu3stwcn44647rhxa44o>
|
Use Case#
I don't use email very often, and am not known publicly by my email. I would also rather not share it in git commits to avoid spam.
It has also changed multiple times. My DID is more tied to my identity and is more permanent.
Caveats#
DIDs are not standard in git commits, but I think DIDs are a better solution than other platforms' randomized noreply emails. They are decentralized, more permanent, and would integrate well with Tangled.
anirudh.fi
Relevant
.gitconfigentries: