- [ ] https://mikegerwitz.com/2012/05/a-git-horror-story-repository-integrity-with-signed-commits#merge-2
- [ ] Require signing every commit.
- [ ] https://github.com/xopham/trusted-commit-signatures
- [ ] Allow signing by SSH and by GDP.
- [ ] https://git-scm.com/docs/git-config#Documentation/git-config.txt-gpgsshallowedSignersFile
- [ ] https://lobi.to/writes/wacksigning/