Is your feature request related to a problem? Please describe.
The RFC currently only mentions OpenPGP keys as an option for signing, while it's also possible to sign artificial data with SSH keys. It has also became integrated with git, Gitea and GitHub and GitLab are either interested or working on supporting it. Thus I think SSH signatures are going to rise in popularity and should be considered by security.txt
Describe the solution you'd like
I would like security.txt to allow signing the file using SSH keys too.
Describe alternatives you've considered
- Staying with OpenPGP requiring administrators to keep multiple types of keys.
- Having a
# comment in security.txt pointing to SSH signature.
Additional context
I think SSH signatures require detached signatures tying this issue with #206 and #214 mentions age by name, which again reuses SSH keys.
Is your feature request related to a problem? Please describe.
The RFC currently only mentions OpenPGP keys as an option for signing, while it's also possible to sign artificial data with SSH keys. It has also became integrated with git, Gitea and GitHub and GitLab are either interested or working on supporting it. Thus I think SSH signatures are going to rise in popularity and should be considered by security.txt
Describe the solution you'd like
I would like security.txt to allow signing the file using SSH keys too.
Describe alternatives you've considered
# commentin security.txt pointing to SSH signature.Additional context
I think SSH signatures require detached signatures tying this issue with #206 and #214 mentions
ageby name, which again reuses SSH keys.