On 07/06/2017 09:44 AM, NicoHood wrote: > And yes, I am doing stuff in the background. I wrote a guide and a tool > that simplifies source code signing[1] and I am doing a detailed > security analysis on all ArchLinux packages. And once it is ready I will > request gpg signatures from every upstream source, especially packages > from [core]. >
Forgot the reference: [1] https://github.com/NicoHood/gpgit
signature.asc
Description: OpenPGP digital signature