I had heard of GPG/PGP (same thing, as it turns out) for years and I heard it was hard and unpopular so I never investigated it independently. However, I needed to learn how to sign and encrypt things with it for work at some point and I learned the basics, and more recently I noticed that GitHub will allow you to verify commits with GPG. So, I decided, why not start signing my commits? That would be cool and at least useful in my imagination where someone might want to prove that I was reall...
