pull down to refresh
Best way is to spread your key fingerprint around imo.
If you only use one site as the source of trust, it's a single point of failure. Even if it's Github.
I have to do that myself, still figuring things out around PGP keys
pull down to refresh
Best way is to spread your key fingerprint around imo.
If you only use one site as the source of trust, it's a single point of failure. Even if it's Github.
I have to do that myself, still figuring things out around PGP keys
now I finally understand what you mean here, why not just put each dev's key in GitHub 😨