Multiple dev one signing key
Werner Koch
wk at gnupg.org
Mon Mar 11 15:21:49 CET 2019
On Mon, 11 Mar 2019 12:43, johndoe65534 at mail.com said:
> Just to be clear, you Werner will sign everything that needs to be
> signed for a release with your personal key.
In practise that is the case. However, anyone of our small group can
sign releases and also update the online list of current version
numbers.
> As an extra layer of security Niibe will also sign the release and send
> you the detacht signature.
One signature is actually sufficient but for users of the Web of Trust a
second signature might a difference to some.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190311/27a25c41/attachment.sig>
More information about the Gnupg-users
mailing list