On Tue, Aug 23, 2022, 5:16 AM Andrea Bolognani <abolo...@redhat.com> wrote:
> On Thu, Aug 18, 2022 at 12:53:58PM -0400, John Snow wrote: > > Add the pubkey currently used for signing PyPI releases of qemu.qmp to a > > stable location where it can be referenced by e.g. Fedora RPM specfiles. > > > > At present, the key happens to just simply be my own -- but future > > releases may be signed by a different key. In that case, we can > > increment '1.txt' to '2.txt' and so on. The old keys should be left in > > place. > > > > The format for the keyfile was chosen by copying what OpenStack was > > doing: > > > https://releases.openstack.org/_static/0x2426b928085a020d8a90d0d879ab7008d0896c8a.txt > > > > Generated with: > > > gpg --with-fingerprint --list-keys js...@redhat.com > pubkey > > > gpg --armor --export js...@redhat.com >> pubkey > > You might want to pass > > --export-options export-minimal > > to the second command in order to obtain a significantly smaller file > that can still serve the intended purpose. > OK, I'll test with this option. Thanks! ((Doesn't know anything about gpg)) > -- > Andrea Bolognani / Red Hat / Virtualization > >
