the libk project keyring contains the public signify keys of the team members who are authorized to cut an official libk release. for security reasons, the keyring is not part of the libk repository itself; only those with root access to the libk server have write access to it. the keyring is always signed by the current project maintainer; always verify this signature before relying on keyring signatures for authentication.
- keyring URL: https://c.comint.su/keyring/libk
you can find individual developer PGP fingerprints on the personnel roster, but never use that page (or PGP) to authenticate a release; always use the dedicated project signify keyring. not all developers are authorized to issue a release tarball.