-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

For nm.debian.org, at 2025-08-20:
For the past X months, I have worked with YUCHIN TSAI on XXX and YYY.

For this past work, YUCHIN TSAI sent mails using the email address tlinux.tsai@gmail.com
which is the one they're using on nm.debian.org, and they signed their work and
email using a GPG key with fingerprint 280C 3FF5 2B9F 785C 78CE  ABAA A235 AC2F 68CD F01D.

I've made sure that they are able to decrypt encrypted messages sent to this key
and that they're able to sign messages with the same key.

Due to the long-term interactions we had, I'm convinced that YUCHIN TSAI as they
present themselves on nm.debian.org is the rightful owner of both email
tlinux.tsai@gmail.com and GPG key 280C 3FF5 2B9F 785C 78CE  ABAA A235 AC2F 68CD F01D.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEM0CzZP9nFT+3zK6FHCgWkHE2rjkFAmil5r0ACgkQHCgWkHE2
rjnGOg/7BY80kf7CcmAUU/oWWxVTwgg8kdOzL/JpwexKlAKMOdq13XohIAi7Pfxk
VaWtwLsUVNflSxTdJoQonTXLTMlzUCOrmfFesNjnsHrgi43OR+VTG7NZxgHrPF4D
Ns9fcN/eX0XjDlbzDDEShPlnQjoJH7X3LjMCQewUkJ6gQti43QS9ooSMeNvlOneI
wNPFIrbulQX6xM3hrsCezpxLlvX1nV+CYvo0A3RA4OszdnE1UnBmaXtV4EUnOE1a
S5gSCh68fClPdkxzepKzxQ0zuXKaYXm4s0Up6TdGHwm9UDgs2Mj4ZY89VcPfaYdZ
S4hHJMyMUyUjfmG7pu+rJXH8r26xWB2gBZTsT4UlFj+HePoQyRHE4qSSWhH6dmQx
iA8WKVXfBZkrVuWO/UvaqYTzu9CxFIrGjVVT1j7siWbnzUJwm4TLM+VBiOdWPL6S
Js1RH+9kmyGRZIJ/iT0u0nT4jj6u9O7IEbPDIqUB8prYM6NIPpFfd7jxQ3W2dyd9
/YwptnrRLJaBxKEPM0EwX5K4kAklW7BDNT1WR8zUTV2uFI4ylHrdxjjyROwwOXy0
ezPqXrlcoklKmalbeMyYKuCEKjWd0SJvrQBGo4QWUodeah9jXmAgf/xOfGmq6CZk
mD8jDBV2AO0R9O+vMNC6xRj21MYH9Lun26Em4mIJzVnoZcBBEPY=
=nSYn
-----END PGP SIGNATURE-----