VARASYS/ZDDC-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ZDDC-website/pubkey.pem
ZDDC e4149bf8cd
All checks were successful
Deploy content to live site / deploy (push) Successful in 2s
Details
docs: publish Ed25519 pubkey for apps signing 
Canonical-channel public key. zddc.varasys.io/releases/<artifact>.sig
files are signed with the matching private key (kept locally on the
maintainer's machine, never in CI).

Operators self-hosting zddc-server who use the canonical channels
(`apps: archive: stable` etc.) download this file and pass the local
path via ZDDC_APPS_PUBKEY. Operators with their own signing
infrastructure publish their own pubkey and configure that path
instead.

The releases-page index includes a "Verify your downloads" section
with the SHA-256 fingerprint and a curl + openssl pkeyutl -verify
example for manual verification. zddc-server's apps fetcher does the
same verification automatically when ZDDC_APPS_PUBKEY is configured.

Fingerprint (SHA-256 of DER-encoded SubjectPublicKeyInfo):
  7766dc8cf963f32156ddcc96825c52ba0333ffe4c243ad54f9eaf26195b065ab

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-04 21:59:20 -05:00

3 lines
113 B
Text
Raw Blame History

-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEAXXaxIUIyOFnhD1eZs02nEt3xZ8izOi7bURFcpJ9iWZY=
-----END PUBLIC KEY-----
Reference in a new issue View git blame Copy permalink