From a70b67295c345b7fd4e603044f3d9ec34dddd1b5 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Thu, 31 Aug 2017 22:02:55 +0200
Subject: document new gpg verification conditions

---
 doc/user/project/repository/gpg_signed_commits/index.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/doc/user/project/repository/gpg_signed_commits/index.md b/doc/user/project/repository/gpg_signed_commits/index.md
index ff419d714f9..afe8066d408 100644
--- a/doc/user/project/repository/gpg_signed_commits/index.md
+++ b/doc/user/project/repository/gpg_signed_commits/index.md
@@ -22,11 +22,12 @@ GitLab uses its own keyring to verify the GPG signature. It does not access any
 public key server.
 
 In order to have a commit verified on GitLab the corresponding public key needs
-to be uploaded to GitLab. For a signature to be verified two prerequisites need
+to be uploaded to GitLab. For a signature to be verified three conditions need
 to be met:
 
 1. The public key needs to be added your GitLab account
 1. One of the emails in the GPG key matches your **primary** email
+1. The committer's email matches the verified email from the gpg key
 
 ## Generating a GPG key
 
-- 
cgit v1.2.1