establish policy for what is needed to be a website deploy signer
Ok, the bus factor isn't too bad on this one: @uniqx, @CiaranG and I can all sign the deploy tags to make the website deploy. But I was just thinking, I think we can open this up more so it's easier to get TWIF/etc out. IMHO these are the criteria:
- A core contributor with at least Reporter status in the fdroid group.
- At least Developer status on https://gitlab.com/fdroid/fdroid-website so the tags can be pushed directly.
- A GnuPG key signed by at least one other contributor (for anyone who is a regular on the weekly meeting, that would be easy).
- The private GnuPG key on a smartcard (e.g. Nitrokey).
- The private key not present on the regular laptop (could be generated on the Nitrokey, a laptop devoted to managing keys, or something like that).
f-droid.org is a core root of trust for the community, that's why these measures are needed. And it is not feasible to publish the blog posts on f-droid.org at a different level of security.
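One way the deploy side could enforce the signer criteria above, as an added example that is not part of this issue or of the fdroid-website project: a check that runs `git verify-tag --raw` and accepts a deploy tag only when gpg reports a valid signature from a key on an explicit allowlist of signer fingerprints. The fingerprints and the sample status output are constructed placeholders; the gpg status-line format (`[GNUPG:] VALIDSIG ...`, last field is the primary key fingerprint) is what `--raw` prints to stderr.

```python
import subprocess

# Constructed allowlist of primary-key fingerprints (placeholders, not the
# real f-droid-website signer set). Allowlisting the primary key means a
# signing subkey on a Nitrokey can be rotated without editing this list.
AUTHORIZED_FINGERPRINTS = {
    "0123456789ABCDEF0123456789ABCDEF01234567",
    "89ABCDEF0123456789ABCDEF0123456789ABCDEF",
}

# gpg status keywords that mean the signature must not be trusted, whatever
# key it names: bad signature, expired/revoked key, or no key to check with.
REJECT_STATES = {"BADSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG", "ERRSIG", "NO_PUBKEY"}

# Constructed sample of `git verify-tag --raw` stderr for a good signature
# made with a subkey whose primary key is on the allowlist.
SAMPLE_GOOD_STATUS = (
    "[GNUPG:] NEWSIG\n"
    "[GNUPG:] GOODSIG 0123456789ABCDEF Example Signer <signer@example.org>\n"
    "[GNUPG:] VALIDSIG FEDCBA9876543210FEDCBA9876543210FEDCBA98 2024-01-01 "
    "1704067200 0 4 0 22 8 01 0123456789ABCDEF0123456789ABCDEF01234567\n"
    "[GNUPG:] TRUST_FULLY 0 pgp\n"
)

def tag_signer_allowed(status_output: str) -> tuple[bool, str]:
    """Apply the signer policy to raw gpg status lines; returns (allowed, reason)."""
    primary_fpr = None
    for line in status_output.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "[GNUPG:]":
            continue
        if fields[1] in REJECT_STATES:
            return False, f"signature rejected by gpg: {fields[1]}"
        if fields[1] == "VALIDSIG" and len(fields) >= 3:
            # fields[2] is the signing (sub)key; the last field is the primary key.
            primary_fpr = fields[-1] if len(fields[-1]) == 40 else fields[2]
    if primary_fpr is None:
        return False, "no valid signature found"
    if primary_fpr not in AUTHORIZED_FINGERPRINTS:
        return False, f"signer {primary_fpr} is not an authorized deploy signer"
    return True, f"signed by authorized key {primary_fpr}"

def verify_deploy_tag(tag: str, repo: str = ".") -> tuple[bool, str]:
    """Run git verify-tag on a real repository and apply the policy to its output."""
    proc = subprocess.run(["git", "-C", repo, "verify-tag", "--raw", tag],
                          capture_output=True, text=True)
    return tag_signer_allowed(proc.stderr)

if __name__ == "__main__":
    print(tag_signer_allowed(SAMPLE_GOOD_STATUS))
```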