Due to an influx of spam, we have had to temporarily disable account registrations. Please write an email to accountsupport@archlinux.org, with your desired username, if you want to get access. Sorry for the inconvenience.
- Verify, that the public key as identified by the PGP key ID follows the [best practices](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/best-practices#validating-a-key-pair)
- Only consider `@archlinux.org` UIDs
## Workflow
1. Send a generated token (e.g. a random string) to the UID as identified by the PGP key ID in an encrypted e-mail
2. Wait for the holder of the UID to respond with an encrypted e-mail holding the [clearsigned](https://www.gnupg.org/gph/en/manual/x135.html) token, using their UID
3. Verify the authenticity of the clearsigned token by matching the output of `gpg --verify <clearsigned token>` with that of `gpg --keyid-format long --list-keys <UID>`