On Wed, Feb 26, 2025 at 1:32 PM Dimitris Soumis <dsou...@apache.org> wrote:
> Hi all, > > I was verifying the signature for the Tomcat 10.1.36 source tarball and > noticed that the RSA key used to sign it ( > 3262A061C42FC4C7BBB5C25C1CF0293FA53CA458) is not present in the KEYS > files. That is the case for 10.1.35 too. > > Kind regards, > Dimitris > > Just verified that this is a valid key from Christopher, so I suppose that just the KEYS file should be updated with the new key :)
