> Users can fetch/pull from Github. We could also provide automatic signed tags every 30min/1h/2h/whatever (signed with a suitable infrastructure key). With that, the integrity of a tagged git checkout can be easily verified on client side.
Best, Matthias
signature.asc
Description: PGP signature
