summarylogtreecommitdiffstats
path: root/keys
AgeCommit message (Collapse)Author
2024-02-13fix(cksum): add exported source signing pubkey (RFC0011)Dennis Herbrich
Export and add the pgp public key referenced in `validpgpkeys()` used to sign the upstream source package into a new `keys/pgp` subdirectory for easy import by packagers, without relying on external keyserver infrastructure. IMPORTANT NOTE: inclusion of this public key is by no means a declaration of _trust_ in this particular key's authenticity and/or identification capabilities. Putting trust in keys is your responsibility alone. Availability of this file just saves pacakgers time hunting down the referenced public key. You're welcome. Implements recommendation in (RFC0011)[https://rfc.archlinux.page/0011-store-source-signing-keys/]