GPG stands for GNU Privacy Guard, it’s a public-key cryptography that can be used to digitally sign items like commits in Git. GPG provides a lot more functionality, but let’s go into why you would want to digitally sign your Git commits. Git does not have any way to validate the author of a commit. When setting up a Git client on your system you are able to use any email address you desire.