Add PGP keys to /security

Author: hamzaremmal

security.md

@@ -12,11 +12,22 @@ Security announcements related to Scala are published to the ["Security Announce
 Messages to this channel can only be posted by administrators, so it is very low traffic.
 To set up email notifications for new security announcements, read [this post](https://users.scala-lang.org/t/about-the-security-announcements-category).
 
+## Releases Integrity
+
+To ensure the integrity of all the releases, our organization uses [PGP](https://gnupg.org/) keys for cryptographic signing. 
+We provide below an **exhaustive** list of all the keys
+used for signing the artifacts under the `org.scala-lang` namespace on [Maven Central](https://central.sonatype.com/namespace/org.scala-lang)
+
+|                    Fingerprint                    | Algorithm |                                                       Public Key                                                        |
+|:-------------------------------------------------:|:---------:|:-----------------------------------------------------------------------------------------------------------------------:|
+| 86DA 41A5 E169 9C9C EBE9 64A8 A905 2B1B 6D92 E560 | RSA-4096  | [Download Public Key](https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x86da41a5e1699c9cebe964a8a9052b1b6d92e560) |
+| ACF3 9CCD ED38 E2C6 F089 8BF2 8F7F 6C04 5196 7B84 | RSA-4096  | [Download Public Key](https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xacf39ccded38e2c6f0898bf28f7f6c0451967b84) |
+
 ## Reporting Vulnerabilities
 
 We strongly encourage reporting security issues in Scala to us privately before disclosing them in public.
 
-The email address for security related communication is `[email protected]`.
+The email address for security related communication is [`[email protected]`](mailto:[email protected]).
 Messages are delivered to the Scala Security Team, which includes people from EPFL, the Scala Center, VirtusLab and Lightbend.
 
 We strive to acknowledge reports within 2 business days.