I found this thread where Linus describes his opinion about auto-sign commits. But I'm not really sure I understood his point correctly... For me it sounds more that he argues for a different use case: the verification of the integrity of a release (git tags) or entire project. For me it's more about verifying the authorship of single commits.
Make sure to look up the discussion around whether you should auto-sign or not.
Linus Torvalds for instance is against it.
I personally do auto-sign my own work.
Just suggesting that you look into the discussion and make your decision.
Thank you Anthony for your suggestion!
I found this thread where Linus describes his opinion about auto-sign commits. But I'm not really sure I understood his point correctly... For me it sounds more that he argues for a different use case: the verification of the integrity of a release (git tags) or entire project. For me it's more about verifying the authorship of single commits.
Updated link web.archive.org/web/20210412010515...