Julian>Makes sense. I am forever confused by signing & keys. If other people have no concerns, then I’m fine.
I'm fine with the current signature. Hopefully, https://sigstore.dev/ would mature soon so we have better than PGP tools to sign the artifacts. I'm not sure if adding https://jedisct1.github.io/minisign/ adds something valuable at this point though. Vladimir
