diff --git a/README.rst b/README.rst index f6132773e..9b5451c61 100644 --- a/README.rst +++ b/README.rst @@ -114,6 +114,22 @@ Now doing another backup, just to show off the great deduplication: For a graphical frontend refer to our complementary project `BorgWeb `_. +Checking Release Authenticity and Security Contact +================================================== + +`Releases `_ are signed with this GPG key, +please use GPG to verify their authenticity. + +In case you discover a security issue, please use this contact for reporting it privately +and please, if possible, use encrypted E-Mail: + +Thomas Waldmann + +GPG Key Fingerprint: 6D5B EF9A DD20 7580 5747 B70F 9F88 FB52 FAF7 B393 + +The public key can be fetched from any GPG keyserver, but be careful: you must +use the **full fingerprint** to check that you got the correct key. + Links =====