On 2022-06-24 18:40, Dániel Fancsali wrote: > I thought, I'll create a separate subkey for signing the package (and > keep my master key off-line, and the others keys separate from this > debian-signing-subkey). Would that be considered good practice? Or is > there something I can't see here?
This is done quite commonly, actually. [1] and [2] have more info. Best, Christian [1] https://wiki.debian.org/GnuPG/AirgappedMasterKey [2] https://wiki.debian.org/Subkeys
