On samedi 4 juin 2016 00:18:44 CEST Sandro Knauß wrote: > On the one side, if the privatekey is easy to grab, it does not help > improving security, but if the private key, lifes at only on a specifc > secured computer it would help a lot.
Well, Albert and I use (the same user on) the same server to make releases. So the private key will have to be on that server, otherwise it will become very inconvenient (download, sign, upload). But if that's good enough, and if we can tell gpg2 which private key to use (so he and I don't use the same), then we can proceed with the idea. -- David Faure, fa...@kde.org, http://www.davidfaure.fr Working on KDE Frameworks 5 _______________________________________________ release-team mailing list release-team@kde.org https://mail.kde.org/mailman/listinfo/release-team
