summaryrefslogtreecommitdiff
path: root/release-verification-key.asc
Commit message (Collapse)AuthorAgeFilesLines
* Adjust signature key - please read if you verify installs/packagesSebastian Thiel2020-09-041-40/+80
| | | | | | | | | | | | | | | | After a recent 'cleanup' operation that attempted to simplify my GPG key workflow with Yubikeys, it looks like my GPG installation has 'forgotten' how to interact with the key I typically used to sign GitPython releases. Since I never managed to establish a chain of trust with my only remaining 'good' key, for you this means you cannot trust new GitPython releases anymore. There is nothing I can do about except to apologize for the hassle. If you want to make constructive suggestions on how to fix this, I am happy to work with you on that.
* Sign with a different key for now, it's USB-C and can be usedSebastian Thiel2020-02-081-1732/+40
|
* Add Yarikoptic to allowed release keysSebastian Thiel2017-12-111-106/+1731
| | | | | | | > pub rsa4096/A2DE235062DA33FA 2010-06-07 Yaroslav Halchenko (Yarik) <yoh@onerussian.com> > Primary key fingerprint: C5B9 05F0 E8D9 FD96 68FF 366F A2DE 2350 62DA 33FA As per https://github.com/gitpython-developers/GitPython/pull/702#issuecomment-350745673
* Update signing key to latest versionSebastian Thiel2017-10-181-70/+106
| | | | | I rotated my key as the previous one was suffering from ROCA.
* docs(README): make it easier to verify gitpython tarballsSebastian Thiel2017-06-171-0/+74
Also provide my public key with this repository, hoping that people can trust it as this commit is signed with it too :).
View Lorry Controller Status