document new gpg verification conditions

author: Alexis Reigel <mail@koffeinfrei.org> 2017-08-31 22:02:55 +0200
committer: Alexis Reigel <mail@koffeinfrei.org> 2017-09-05 12:18:34 +0200
commit: a70b67295c345b7fd4e603044f3d9ec34dddd1b5 (patch)
tree: a1bfade2d27f8879211187733060c7c95b763380 /doc/user/project/repository
parent: e7d0febb81aa0f3aa942523d40b6a78584e71db3 (diff)
download: gitlab-ce-a70b67295c345b7fd4e603044f3d9ec34dddd1b5.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/user/project/repository/gpg_signed_commits/index.md b/doc/user/project/repository/gpg_signed_commits/index.md
index ff419d714f9..afe8066d408 100644
--- a/doc/user/project/repository/gpg_signed_commits/index.md
+++ b/doc/user/project/repository/gpg_signed_commits/index.md
@@ -22,11 +22,12 @@ GitLab uses its own keyring to verify the GPG signature. It does not access any
 public key server.
 
 In order to have a commit verified on GitLab the corresponding public key needs
-to be uploaded to GitLab. For a signature to be verified two prerequisites need
+to be uploaded to GitLab. For a signature to be verified three conditions need
 to be met:
 
 1. The public key needs to be added your GitLab account
 1. One of the emails in the GPG key matches your **primary** email
+1. The committer's email matches the verified email from the gpg key
 
 ## Generating a GPG key
author	Alexis Reigel <mail@koffeinfrei.org>	2017-08-31 22:02:55 +0200
committer	Alexis Reigel <mail@koffeinfrei.org>	2017-09-05 12:18:34 +0200
commit	a70b67295c345b7fd4e603044f3d9ec34dddd1b5 (patch)
tree	a1bfade2d27f8879211187733060c7c95b763380 /doc/user/project/repository
parent	e7d0febb81aa0f3aa942523d40b6a78584e71db3 (diff)
download	gitlab-ce-a70b67295c345b7fd4e603044f3d9ec34dddd1b5.tar.gz