To be clear, PGP signatures can still be uploaded and they are still available for download, they just don’t appear in the UI anymore. Longer term I’d *like* to get rid of PGP signatures, because I think their value here is actually pretty low. In that case they’d be replaced with TUF, but that’s a longer term project. |