> Conservancy may already have a certificate that we can share and we may not need to purchase a new one, but we should check with the certificate authority that is permissible under their rules.
Sharing a private key isn't a great idea from a build security perspective. I'd prefer our build signing keys be highly restricted to those who truly need access (i.e. to install them on a builder VM).
> Conservancy may already have a certificate that we can share and we may not need to purchase a new one, but we should check with the certificate authority that is permissible under their rules.
Sharing a private key isn't a great idea from a build security perspective. I'd prefer our build signing keys be highly restricted to those who truly need access (i.e. to install them on a builder VM).