On Sat, Aug 16, 2025 at 12:45 AM <fos...@posteo.de> wrote: > Hello All, > > In an earlier post I asked why Debian uses PGP to sign packages despite > its complexity. > > Some responded that Sequoia PGP simplifies the process. > > I now wish to ask why Debian uses PGP in general to sign packages when > there are alternatives such as SigStore. > > What were the unique benefits in PGP that could not be found in other > alternatives? > > I thank all in advance for any responses. >
Also see < https://www.debian.org/doc/manuals/securing-debian-manual/deb-pack-sign.en.html >. Jeff
