This page lists the Arch Linux Master Keys. This is a distributed set of keys that are seen as "official" signing keys of the distribution. Each key is held by a different developer, and a revocation certificate for the key is held by a different developer. Thus, no one developer has absolute hold on any sort of absolute, root trust.
The {{ keys|length }} key{{ keys|pluralize }} listed below should be regarded as the current set of master keys. They are available on public keyservers and should be signed by the owner of the key.
All official Arch Linux developers and trusted users should have their key signed by at least three of these master keys. This is in accordance with the PGP web of trust concept. If a user is willing to marginally trust all of the master keys, three signatures from different master keys will consider a given developer's key as valid. For more information on trust, please consult the GNU Privacy Handbook and Using trust to validate keys.
| Master Key | Full Fingerprint | Owner | Owner's Signing Key | Revoker | Revoker's Signing Key | Developer/TU Keys Signed |
|---|---|---|---|---|---|---|
| {% pgp_key_link key.pgp_key %} | {{ key.pgp_key|pgp_fingerprint }} | {% with key.owner.userprofile as owner_profile %}{{ key.owner.get_full_name }} | {% pgp_key_link owner_profile.pgp_key %} | {% endwith %} {% with key.revoker.userprofile as revoker_profile %}{{ key.revoker.get_full_name }} | {% pgp_key_link revoker_profile.pgp_key %} | {% endwith %}{{ key.signature_count }} |