Missing Security Best Practices - Signed Binary Releases

Why are the released binaries (deb, rpm, and all others) not (PGP) signed? This is a missing best security practice and should be adopted by developers as soon as possible!

1 Like

3 posts were merged into an existing topic: Security Improvement by Distrusting the Infrastructure - Signed Binary Releases

3 votes have been moved.