I don't like the way SSL Certs are managed....so that only leaves gpg.

Recently had an issue with gpg which disturbed some grey cells and disrupted their slumber.

I don't get out much (lockdown understatement) so my current 'web of trust' is zero and unlikely to expand anytime soon using the conventional method of exchanging keys down the pub. I am also aware that 'thinking' can be a dangerous pastime.....

Is there any mileage or interest in a Devuan web of trust where we can exchange keys ?

I would be interested to hear from the more security knowledgeable members on the list as to whether this is even feasible.

Knowing that something had been signed by the Devuan Community would earn more trust from me than anything signed by Red Hat, IBM, Google..ad infinitum.