Improve the key management for the TBB package signing process
We need to improve how we handle the individual package signing (currently done by Erinn) to eliminate bottlenecks and to allow us to fully rotate release duties.
Ideally, we would have a hardware signing token on a dedicated machine, so we can track the signature count of releases and ensure there is no possibility of rogue signatures. I have a token I can mail to someone for this purpose.
We'll need Erinn's key to sign this new key, and we'll also need to announce the new key and list it on the keys page, to reduce potential confusion.
We also need to find a dedicated, secure machine to attach this token to (or to hold a software key).