Looking at sources stored at
download.kde.org I see that each package
sources tarball is provided with a key to verify source integrity.
Packaging guidelines recommend [1] to use the source file verification
through keys whenever possible. However, I'm unable to find where KDE
provides the keyring used to generate the keys... does anyone knows
where to find it?
Thanks
Mattia
[1]
https://docs.fedoraproject.org/en-US/packaging-guidelines/#_source_file_v...