On Sat, Oct 17, 2015 at 01:46:24AM +0000, Zbigniew Jędrzejewski-Szmek wrote:
> Would it be possible for people who create those keys (or other people > from release-engineering who can verify that they keys are correct) to > sign them with their private keys and upload the resulting signatures > to public key servers? It would provide an additional verification > path. Distribution package signing keys are important enough for this > to be worth the extra work imho. FYI: I do this since some releases for the Fedora keys. Regards Till
signature.asc
Description: PGP signature
-- devel mailing list devel@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
