phpboyscout.uk
The OpenPGP keys used to sign PHP Boy Scout software releases. They're published over Web Key Directory (WKD), so your tools can find and trust them without you hunting down a keyserver.
WKD resolves straight from the email address — no fingerprint to copy by hand:
gpg --locate-keys release@phpboyscout.uk
Then verify a signed release the usual way:
gpg --verify mytool_1.2.3_checksums.txt.asc mytool_1.2.3_checksums.txt
gpg --locate-keys ffmpeg-wasi-release@phpboyscout.uk
Don't take this page's word for it. The point of WKD is that the key travels with the domain, and a second, independent copy is cross-checked so a single compromised account can't quietly swap it. The reasoning is written up on the blog: Publish your key where they can't touch it and A signature the platform can't forge.