Outdated GPG signing keys info on website
Daniel Vrátil
dvratil at kde.org
Sun Oct 28 00:43:44 BST 2018
Hola!
looking for GPG keys for Applications tarballs signatures, Google has lead me
to https://kde.org/download/signature.php which contains a pair of fairly
outdated GPG keys - I don't know if this site is linked from anywhere, but IMO
it should either be updated with keys of people who do sign our tarballs these
days or removed completely - it would certainly improve the trustworthiness of
the signatures :-)
Cheers,
Daniel
--
Daniel Vrátil
www.dvratil.cz | dvratil at kde.org
IRC: dvratil on Freenode (#kde, #kontact, #akonadi, #fedora-kde)
GPG Key: 0x4D69557AECB13683
Fingerprint: 0ABD FA55 A4E6 BEA9r9A83 EA97 4D69 557A ECB1 3683
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/release-team/attachments/20181028/f6ab866c/attachment.sig>
More information about the release-team
mailing list