On 10/14/20 11:11 AM, Jiri Denemark wrote:
On Wed, Oct 14, 2020 at 17:28:54 +0200, Erik Skultety wrote:
On Wed, Oct 14, 2020 at 01:38:41PM +0200, Jiri Denemark wrote:
Signed-off-by: Jiri Denemark <jdenemar@xxxxxxxxxx>
---
Notes:
Should we also make the key available for download?
Now that you've provided the fingerprint, isn't it enough for the users to
fetch it from a keyserver should they wish so?
Sure, it is enough. I just wanted to make sure I wasn't the only one who
thought so :-)
The problem is that more and more keyservers are being rendered
worthless by spam keys exploiting their append-only nature, which makes
them no longer an ideal way to get a key. I'd recommend making it
available for download here in addition to the keyservers.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
