[kdeconnect] GPG key used to sign releases?

Albert Vaca albertvaka at gmail.com
Fri Jun 1 08:53:44 UTC 2018


Hi Nicholas,

Find attached the gpg key used to sign the tarballs. I've also uploaded it
to the Ubuntu key server:

https://keyserver.ubuntu.com/pks/lookup?op=vindex&search=albertvaka%40gmail.com&fingerprint=on

Thanks a lot for your time,
Albert

On Thu, May 31, 2018 at 9:02 PM Nicholas D Steeves <nsteeves at gmail.com>
wrote:

> Dear Albert,
>
> Thank you for your work on kdeconnect, it really is a "killer app"!  I
> noticed that Debian (and all derivatives) are not verifying the gpg
> signature provided with the tarball:
>
> https://download.kde.org/stable/kdeconnect/1.3.1/src/kdeconnect-kde-1.3.1.tar.xz.sig
>
> Assuming that it was your key, I searched for it, but unfortunately
> wasn't able to find it on any key servers.  Would you please send me
> the public key used to sign releases?  Maximiliano Curia and I plan to
> update the Debian package this weekend, and it would be nice to add
> gpg signature verification at this time.
>
> I've CCed the kdeconnect mailing list for the benefit of anyone else
> who might be struggling to find this key, but I am not subscribed to
> the list so please take care to CC me.
>
> Sincerely,
> Nicholas
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kdeconnect/attachments/20180601/6a6d71aa/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: albertvaka-key
Type: application/octet-stream
Size: 1696 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kdeconnect/attachments/20180601/6a6d71aa/attachment.obj>


More information about the KDEConnect mailing list