On Thu, Aug 18, 2022 at 12:53:58PM -0400, John Snow wrote: > Add the pubkey currently used for signing PyPI releases of qemu.qmp to a > stable location where it can be referenced by e.g. Fedora RPM specfiles. > > At present, the key happens to just simply be my own -- but future > releases may be signed by a different key. In that case, we can > increment '1.txt' to '2.txt' and so on. The old keys should be left in > place. > > The format for the keyfile was chosen by copying what OpenStack was > doing: > https://releases.openstack.org/_static/0x2426b928085a020d8a90d0d879ab7008d0896c8a.txt > > Generated with: > > gpg --with-fingerprint --list-keys js...@redhat.com > pubkey > > gpg --armor --export js...@redhat.com >> pubkey
You might want to pass --export-options export-minimal to the second command in order to obtain a significantly smaller file that can still serve the intended purpose. -- Andrea Bolognani / Red Hat / Virtualization