> If the juju tool only knows the "official juju" public key. How does
> that not validate the tools are from a trusted source? It doesn't help
> the --upload-tools case, but those are put in your private bucket anyway.

Uh, we're creating the tool that is uploaded. We can tell it to ignore signatures, or sign it ourselves and embed the key.