: README

This directory contains my signify public keys, a key is only used for it's year and signs the key of the next year in advance. For example 2025.pub serves to sign all the releases made in 2025.

Software

signify(1), included in OpenBSD
For other systems I would recommend the port of it by Adrian Perez: https://github.com/aperezdc/signify/
Another option can be usign from OpenWRT: https://git.openwrt.org/?p=project/usign.git;
I no longer recommend using minisign because they chose to break both the secret key format and the signature format

You can verify the key for 2025 with the key for 2024 with this command: signify -V -p 2024.pub -m 2025.pub -x 2025.pub.2024.sig

Also given the small size of the keys and usage exclusive to signing software releases I don't intend to remove old keys.