Heya,
we have a new job on Binary Factory to run arbitrary binaries and zip files through Windows' sign tool:
https://binary-factory.kde.org/job/signme_upload_job/
We'd like to limit access to this job as much as possible. Right now only sysadmins and me may upload binaries to this job and let them be signed.
At least Boud should get access, too, to be able to sign his Krita binaries. I don't want this job to be glued to me alone. I think it's okay to have a circle of trusted people who can freely use the signtool.