Please get release key cross-signed & advertise it

[jonathancross]

I am trying to verify the PGP signature on a release.
It was signed with key DAA24D878B8D36C90120A897CA02DAC12DAE2D0F which was just created in June and has no cross signatures. DuckDuckGo doesn't know anything about this key.

I see Woodser has a key in this repo, but that key has nothing to do with this key above.

Can you please cross-sign each other's keys and advertise the proper haveno-reto signing key fingerprint in a few places?

Ideally get some prominent people in Monero to also certify the key.

Ideally all commits should also be gpg signed.

Why?

We should not trust GitHub / Microsoft infrastructure.
If something goes wrong, there should be a digitally signed audit trail.

Thanks!

[boldsuck]

I got it from here: https://haveno-reto.com/reto_public.asc
You can also request the key or fingerprint in their Haveno-reto SimpleX group.

@woodser will not sign any third-party Haveno mainnet instances. He only develops test- (stagenet) software.
Other prominent people in Monero community, maybe.