468161cbce
Provide some explanatory prose about handling of OpenPGP signatures for Git tags and similar release artifacts. Also provide a copy of the corresponding public keys, for improved provenance. New keys should be added each cycle as they're rotated into use. Change-Id: I083bc8acf8d95e938afb5446d786eedf4fc43751