* Stefano Rivera: " Alternative signature mechanisms for upstream source verification" (Fri, 4 Oct 2024 18:21:01 +0000):
[...] > Should we expand this to include some of these new mechanisms? > Things brought up in the debian-python thread include: > 1. sigstore https://docs.sigstore.dev/ > 2. ssh signatures > 3. signify https://man.openbsd.org/signify.1 JFTR: Tryton moved from pgp signatures to signify, so of course I would appreciate if this format could be handled as well. -- Mathias Behrle PGP/GnuPG key availabable from any keyserver, ID: 0xD6D09BE48405BBF6 AC29 7E5C 46B9 D0B6 1C71 7681 D6D0 9BE4 8405 BBF6
