Open aacalfa opened 3 years ago
Hi @aacalfa , I am not skilled to PGP keys. So I tried it with my own repo https://github.com/fredgan/go-utils/releases/tag/v0.1 I create a release v0.1 and add a .asc file with my GPG key according to https://wiki.debian.org/Creating%20signed%20Github%20releases
But it said that "make sure it is uploaded to a public keyserver". But which server should I upload to?
Hi Fred, thanks for working on the fix. You could upload to any public key server, for example "pgp.mit.edu" or "certserver.pgp.com", just let us know where to download the key from.
@fredgan any updates on this?
@aacalfa
I added an .asc
file in the latest release. The key has been uploaded to:
https://pgp.mit.edu/pks/lookup?op=get&search=0x7A2898A3ED4C4500
Do you think I should put the public key info in the release page?
@aacalfa I added an
.asc
file in the latest release. The key has been uploaded to: https://pgp.mit.edu/pks/lookup?op=get&search=0x7A2898A3ED4C4500Do you think I should put the public key info in the release page?
Thanks for working on this. Yes, please provide the public key info in the release page so it will help users download and verify with the detach sig file
Hi there,
I was looking at the release page and I could not find any signature file (.sig or .asc) or the PGP keys associated with any of the releases. Can someone please add them?
Thank you, Andre