Hi, those of you who make use of signed tarballs/binaries/other files on the consumer side:
Please tell your use-case for accessing and using the public keys of the signers, and what the options are you would like to see supported on KDE side. Do so directly on the related task on Phabricator: https://phabricator.kde.org/T11304 Also curious if the pure keys are fine, or if you would fancy whatever support for keys signed by others, for some "KDE web of trust", given that the global SKS system seems without a future, from what I understood. Myself have not really experience in making use of signatures, but doing signed tarballs for some KDE projects myself since some time, I would prefer some sane organized place to put my key, also would prefer to know the signing overhead makes sense by being relied on by at least some, in a proper way ;) So: please head over to https://phabricator.kde.org/T11304 and share your wisdom/needs. TIA & Cheers Friedrich