Request for code signing certificate for adoptium.temurin
Summary
As per recent discussion with Mikael, we'd like to start signing all of our Temurin deliverables with an Eclipse-owned key and so I am requesting that a suitable key/process is available for us to do this.
This will allow us to satisfy the requirements of https://github.com/adoptium/temurin-build/issues/1275
Steps to reproduce
n/a - we need to be able to sign and allow end users to verify the signature is authentic
What is the current bug behavior?
No way to verify authenticity
What is the expected correct behavior?
User can perform GPG authenticity checks on the downloaded binaries