--nextPart1883129.CQOukoFCf9
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="iso-8859-1"; protected-headers="v1"
From: Ingo =?ISO-8859-1?Q?Kl=F6cker?= <kloecker@kde.org>
To: kde-community@kde.org
Date: Wed, 10 Jan 2024 21:07:25 +0100
Message-ID: <3465782.QJadu78ljV@daneel>
In-Reply-To: <4890807.31r3eYUQgx@vkpc5>
MIME-Version: 1.0

On Mittwoch, 10. Januar 2024 19:12:03 CET Volker Krause wrote:
> On Mittwoch, 10. Januar 2024 15:44:27 CET Ingo Kl=F6cker wrote:
> > No. Wait. For new apps there's also a technical reason. For new apps
> > Google
> > Play requires application bundles (AAB) instead of APKs. We can build A=
AB
> > (at least for Qt 5) on invent, but we cannot sign them yet. Shouldn't be
> > to
> > hard to add given that it's mostly identical to APK signing. I'm going =
to
> > work on this once signing of Windows binaries is done.
>=20
> Related to that: we probably want to use a new key for the AAB signing, as
> we have to hand that one out to Google when publishing AABs to their store
> AFAIU?

Yes, we have to hand the signing key(s) to Google. We should follow Google'=
s=20
advice and use separate signing keys for all new applications.

Regards,
Ingo

--nextPart1883129.CQOukoFCf9
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part.
Content-Transfer-Encoding: 7Bit

-----BEGIN PGP SIGNATURE-----

iHUEABYKAB0WIQTbjgIOMowwlCBgvyGxb1mVFkdKugUCZZ74/QAKCRCxb1mVFkdK
ujGzAPsHtaEjw/AFzqyAEzVdC4HaP25+CQ01sRWtvx1UBtoKuwD/X2jKVZACzgeg
mQht5tBp5rr7XzQ3cVXAfYuCnauzEwg=
=1TiM
-----END PGP SIGNATURE-----

--nextPart1883129.CQOukoFCf9--