amuza: > Hi, > > I have not found your OpenPGP keys or signed packages at jami.org > > Maybe they are there and I have not found them. Please let me know if > you gpg-sign your packages. > > Thank you! > >
As I got no answer, I guess you don't sign your packages. But, if that's the case, why? It would be good for every Jami user to have a public key we can always trust when verifying a Jami package. Wouldn't it? That is a very common thing, specially for this kind of software. Not having it can make existing and potential new Jami users feel suspicious or less secure. Of course we users would need to trust the signer, maybe by trusting some other signature in their key, but that's a complete different story.
signature.asc
Description: OpenPGP digital signature
