Skip to main content

Signing Keys

TODO

This article is a work in progress.

Signing keys for the Apostrophy OS platform and its updates exist in precisely two places;

  • an air-gapped workstation at Apostrophy Technology HQ,

  • a bank vault.

The process of releasing updates to the platform (and its system packages) is therefore relatively involved.

Signing Processes

We distinguish the following categories of processes:

  • Android Platform developers, including those for system apps

    Developers must be able to repeatedly and reliably (...)

  • Intermediate releases not intended for public consumption

    These include builds for feature preview releases, proof-of-concept implementations and acceptance testing, but must not be applicable to general public devices

  • General Availability Releases

    For both the platform and intermediate updates to associated system packages