diff --git a/lib/minisign/private_key.rb b/lib/minisign/private_key.rb
index d3bc57b..50fd66f 100644
--- a/lib/minisign/private_key.rb
+++ b/lib/minisign/private_key.rb
@@ -73,10 +73,15 @@ def ed25519_signing_key
       Ed25519::SigningKey.new(@secret_key.pack('C*'))
     end
 
+    # Sign a file/message
+    #
+    # @param filename [String] The filename to be used in the trusted comment section
+    # @param message [String] The file's contents
+    # @param comment [String] An optional trusted comment to be included in the signature
     # @return [String] the signature in the .minisig format that can be written to a file.
-    def sign(filename, message)
+    def sign(filename, message, comment = nil)
       signature = ed25519_signing_key.sign(blake2b512(message))
-      trusted_comment = "timestamp:#{Time.now.to_i}\tfile:#{filename}\thashed"
+      trusted_comment = comment || "timestamp:#{Time.now.to_i}\tfile:#{filename}\thashed"
       global_signature = ed25519_signing_key.sign("#{signature}#{trusted_comment}")
       [
         'untrusted comment: <arbitrary text>',
diff --git a/spec/minisign/private_key_spec.rb b/spec/minisign/private_key_spec.rb
index 4d4a02f..b36905d 100644
--- a/spec/minisign/private_key_spec.rb
+++ b/spec/minisign/private_key_spec.rb
@@ -68,7 +68,7 @@
       @filename = 'encrypted-key.txt'
       @message = SecureRandom.uuid
       File.write("test/generated/#{@filename}", @message)
-      signature = @private_key.sign(@filename, @message)
+      signature = @private_key.sign(@filename, @message, 'this is a trusted comment')
       File.write("test/generated/#{@filename}.minisig", signature)
       @signature = Minisign::Signature.new(signature)
       @public_key = Minisign::PublicKey.new('RWSmKaOrT6m3TGwjwBovgOmlhSbyBUw3hyhnSOYruHXbJa36xHr8rq2M')