jessopb
commented
2 years ago https://github.com/lbryio/lbry-desktop/releases/download/v0.53.6/LBRY_v0.53.6_sigs.asc This is here on every release - do you need something else?
Open RubenKelevra opened 2 years ago
jessopb
commented
2 years ago https://github.com/lbryio/lbry-desktop/releases/download/v0.53.6/LBRY_v0.53.6_sigs.asc This is here on every release - do you need something else?
RubenKelevra
commented
2 years ago @jessopb yes. That's a file listing sha keys, which then gets signed.
I need a signature file for the .deb file.
AKA gpg --sign * in the folder with the release files, to create a corresponding signature next to them in as .asc file.
Thanks in advance! :)
I'm the package maintainer for lbry-desktop-bin (and other lbry-desktop packages) for ArchLinux.
The request
It would be nice to have a PGP signature for each file, specifically the .deb file in my case. The reason being that the package builder for Arch can check the signature, if a signature file and a key ID is provided. Currently, it is just checking the package integrity with the blake2b sum, which I provide. A signature file would enable an authenticity check of the file from your computer to the end user's computer.