|
|
|
The root trust of Arch Linux is established by a set of three or more main signing keys held by one developer each. For each main signing key there is one holder of a revocation certificate in the developer group, who is not also a holder of a main signing key.
|
|
|
|
|
|
|
|
Each packager's signing key is signed by at least three valid main signing keys.
|
|
|
|
|
|
|
|
The status of and relationship between main signing keys and packager signing keys can be reviewed on https://archlinux.org/master-keys/
|
|
|
|
|
|
|
|
----
|
|
|
|
[Key Infrastructure](key-infrastructure)
|
|
|
|
|
|
|
|
[Best Practices](best-practices)
|
|
|
|
|
|
|
|
[Frequently Asked Questions](faq)
|
|
|
|
|
|
|
|
[Workflows](workflows) |
|
|
\ No newline at end of file |
