Looking at sources stored at download.kde.org I see that each package sources tarball is provided with a key to verify source integrity. Packaging guidelines recommend [1] to use the source file verification through keys whenever possible. However, I'm unable to find where KDE provides the keyring used to generate the keys... does anyone knows where to find it? Thanks Mattia [1] https://docs.fedoraproject.org/en-US/packaging-guidelines/#_source_file_verification _______________________________________________ kde mailing list -- kde@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to kde-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/kde@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
