diff --git a/tools/signchk b/tools/signchk
index e2d46db..f4045b7 100755
--- a/tools/signchk
+++ b/tools/signchk
@@ -6,7 +6,7 @@
 # Allows for automated detection of potential attacks or false authorship of
 # commits by validating signatures against trusted public GPG keys.
 #
-#  Copyright (C) 2012, 2013 Free Software Foundation, Inc.
+#  Copyright (C) 2012, 2013, 2015 Free Software Foundation, Inc.
 #
 #  This file is part of GNU ease.js.
 #
@@ -31,6 +31,10 @@ chkafter="${1:-1b1790029}"
 # provided) for a trusted signature, listing invalid commits. %G? will output
 # "G" if the signature is trusted. In the case of a merge commit, the merge
 # commit itself need only be signed.
+#
+# signchk-ignore contains commits that are known to be unsigned; these were
+# a mistake, but it's too late to rewrite history
 t=$'\t'
 git log --first-parent --pretty="format:%H %aN$t%s$t%G?" "$chkafter.." \
-  | grep -v "${t}G$"
+  | grep -v "${t}G$" \
+  | grep -vFf signchk-ignore
diff --git a/tools/signchk-ignore b/tools/signchk-ignore
new file mode 100644
index 0000000..211d30e
--- /dev/null
+++ b/tools/signchk-ignore
@@ -0,0 +1,2 @@
+54412f24b6b893bff331b845697145139f1f62b6
+887d5ef0a3d28449ecab3138c0fa25f0fd983158