Can unman public keys be verified using pgp web of trust?

I downloaded unman’s public key. And the unman page on github GitHub - unman/unman
I compared fingerprints here.
Is there any further way to verify unman’s key at present?

There’s many ways to “skin this cat”, IMO it all depends on one’s personal workflow.

Perhaps you might find this white-paper helpful?

That’s a good question.
I don’t have a T shirt. :frowning:
You can find the fingerprint in the Forum and on qubes-users, as well as
at, and GitHub.
The GitHub page is signed with another key, which is on the Qubes
website, used for email. (But how to confirm that?)
If you take different routes to those sources - to avoid someone
controlling your network - like checking over Tor, you should have some
confidence in the fingerprint, which is:

I never presume to speak for the Qubes team. When I comment in the Forum or in the mailing lists I speak for myself.