Listing the keys in the used in the repository.

[da2ce7]

Bitcoin has a file within their repository that lists the GPG key-fingerprints that are used by the developers and builders.

https://github.com/bitcoin/bitcoin/tree/master/contrib/builder-keys

This is a good way to authenticate a new developer for the project.

I think that the GPG-Bootcamp could explain how to upload a key to the keysever, and request for listing in the keys.txt file.

[cgbosse]

I looked at the link and repo.
This can be implemented. However, given that we have 18 repositories to date I think that we should use a central file for this and have it in the organization repository.

One question though:
The yellow part in the screenshot we do not need, ¿correct? Each ones key is imported into GitHub from his profile.

[josecelano]

This is related to a new article proposal I have added.

With the keys.txt file you can get the list of public keys. And you can use a Git Tag to obtain the public key instead of using an external GPG server like http.

I do not know the pros and cons of using your own key server vs a well-known one.

cc @da2ce7