(In reply to Matthias Gerstner from comment #17) > Sadly it looks like there is no up to date suitable public URL existing that > documents our keys. Introducing one will probably take a longer time and the > question also is who would be responsible for creating it and maintaining it. I don't know who is the MASTER of our keys (but I hope there is one). IMO the one/team who owns a private keys should somehow track it on a public page. Don't we SUSE/openSUSE have something like https://getfedora.org/security/ ?