@pox yes, things have changed with 22.x
the 'release key' is no longer in use, attestations to the binaries are signed by everyone that does a reproducible (guix) build
@orionwl got it.
How can I see which of the signing keys are trusted by people I already trust? Not sure how to verify the keys I see on github otherwise.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!