CollabPlan — Code Signing Key

Public key used to sign RFP bundles and release artifacts produced by CollabPlan. Chave pública usada para assinar artefatos publicados pela CollabPlan.

Fingerprint

61D6 6FB0 0685 0342 6D14  48DA 91F3 F818 3163 0062

Identity

CollabPlan Code Signing <code@collabplan.ai>
ed25519 (sign) — created 2026-04-25 — expires 2028-04-24

Fetch (plain HTTPS)

curl -fsSLO https://keys.collabplan.ai/code-collabplan-pubkey.asc
gpg --import code-collabplan-pubkey.asc
gpg --fingerprint code@collabplan.ai

The fingerprint reported by gpg --fingerprint must match the value above.

Fetch (Web Key Directory)

gpg --auto-key-locate wkd --locate-keys code@collabplan.ai

Resolves automatically via openpgpkey.collabplan.ai (WKD-Advanced). No manual URL handling.

Verifying a CollabPlan artifact

gpg --verify rfp-bundle-canonical.bundle.sig rfp-bundle-canonical.bundle

Output should report Good signature from "CollabPlan Code Signing <code@collabplan.ai>" with the fingerprint above. Any other fingerprint, or a BAD signature result, means do not trust the artifact.

Last rotated: 2026-04-25 · This page is published from etc/keys/public/index.html in the CollabPlan repository.