LAVOS-PUBKEY

Edition signing identity · Project Lavos LLC

Public artifacts

/pubkey.pem — current active signing public key (ed25519)
/revoked.txt — revocation list
/rotation-policy.md — written key rotation policy
/editions-policy.md — edition numbering + lineage policy
/keys-policy.md — full KEYS.md spec document
/conformance.md — LAVS-001 conformance test suite documentation
/tutorial.md — "Writing a LAVS-001 decoder in any language" — implementer walk-through

STATUS: The pubkey.pem currently served at this URL is a placeholder stub. The real public key will replace it once the YubiKey hardware is provisioned and the signing key is generated on-device. Until then, no `.lavs` edition is signed — every edition under Project Lavos LLC is a release candidate per editions-policy.md §6. Compliant verifiers SHOULD refuse to validate signatures against the stub key.

What this site is

This is the canonical publication endpoint for the Project Lavos LLC edition-signing identity. The Lavos Binary Format (LAVS-001) at github.com/guitargnarr/lavs-format defines a sealed-container format for numbered Lavos design editions. Every signed .lavs file carries a signature; verifying that signature requires the public key published here.

For verifiers

Fetch the revocation list before validating any edition signature (24h max cache TTL).
Validate signatures against the public key at /pubkey.pem.
Display revoked-key state when applicable.
If this URL is unreachable, display the edition with a "signature not verified" warning rather than refusing it outright.