stop encouraging unnecessary usage of GPG

This key rotation happened a long time ago. It's safer to avoid GPG than
trying to use it for additional assurance, especially since the signify
public key has been made available at multiple locations to allow easy
verification.
This commit is contained in:
Daniel Micay 2020-04-28 10:48:12 -04:00
parent 7289334e04
commit 561fd90725

View File

@ -204,10 +204,7 @@ Installed as /home/username/downloads/platform-tools/fastboot</pre>
<p>This is the content of <code>factory.pub</code>:</p>
<pre>untrusted comment: GrapheneOS factory images public key
RWQZW9NItOuQYJ86EooQBxScfclrWiieJtAO9GpnfEjKbCO/3FriLGX3</pre>
<p>The <code>factory.pub</code> has
<a href="https://releases.grapheneos.org/factory.pub.asc">a detached signature</a>
made with the previously used GPG key to verify that this is an authorized key
rotation. The public key has also been published via the official
<p>The public key has also been published via the official
<a href="https://twitter.com/GrapheneOS/status/1145259815851253762">@GrapheneOS Twitter
account</a>,
<a href="https://www.reddit.com/r/GrapheneOS/comments/c7gb3f/grapheneos_factory_images_are_now_signed_with/esewpm9">the /u/GrapheneOS