Open aacalfa opened 3 years ago
fredgan
commented
3 years ago Hi @aacalfa , I am not skilled to PGP keys. So I tried it with my own repo https://github.com/fredgan/go-utils/releases/tag/v0.1 I create a release v0.1 and add a .asc file with my GPG key according to https://wiki.debian.org/Creating%20signed%20Github%20releases
But it said that "make sure it is uploaded to a public keyserver". But which server should I upload to?
ZiqianXu
commented
3 years ago Hi Fred, thanks for working on the fix. You could upload to any public key server, for example "pgp.mit.edu" or "certserver.pgp.com", just let us know where to download the key from.
aacalfa
commented
3 years ago @fredgan any updates on this?
fredgan
commented
2 years ago @aacalfa
I added an .asc file in the latest release. The key has been uploaded to:
https://pgp.mit.edu/pks/lookup?op=get&search=0x7A2898A3ED4C4500
Do you think I should put the public key info in the release page?
aacalfa
commented
2 years ago @aacalfa I added an
.ascfile in the latest release. The key has been uploaded to: https://pgp.mit.edu/pks/lookup?op=get&search=0x7A2898A3ED4C4500Do you think I should put the public key info in the release page?
Thanks for working on this. Yes, please provide the public key info in the release page so it will help users download and verify with the detach sig file
Hi there,
I was looking at the release page and I could not find any signature file (.sig or .asc) or the PGP keys associated with any of the releases. Can someone please add them?
Thank you, Andre