Start signing the released bits
I think that signing tarballs would ensure authenticity and integrity of the sources and thus improve security.
I think that signing tarballs would ensure authenticity and integrity of the sources and thus improve security.