zlacker
[parent]
[thread]
1 comments
1. mh-+(OP)
[view]
[source]
2025-08-25 21:15:40
My assumption is they want to eliminate/prevent schemes where a ton of apps are signed as a service by a small number of centrally controlled keys.
Someone elsewhere in the thread said this is how F-Droid works, but I can't confirm firsthand.
replies(1):
>>layer8+D
◧
2. layer8+D
[view]
[source]
2025-08-25 21:20:25
>>mh-+(OP)
The signing certificate should indicate who is signing, and therefore who is liable. But maybe that’s not how they set it up previously.
[go to top]