As you might have notices, we received an SGA signed with a GPG key. Whimsy verified the key but as far as I can see, the filing process did not store the key in the repository.
Perhaps we should change the name of the key repository to reflect that any of several documents might be signed, and change the code to store the key if it is used to sign any of the documents. WDYT? Craig L Russell c...@apache.org