Update README with new key fingerprints · gitpython-developers/GitPython@8f76463

Original file line number	Diff line number	Diff line change
`@@ -132,19 +132,18 @@ This script shows how to verify the tarball was indeed created by the authors of`
`132`	`132`	`this project:`
`133`	`133`
`134`	`134`	```
`135`		`-curl https://pypi.python.org/packages/7e/13/2a556eb97dcf498c915e5e04bb82bf74e07bb8b7337ca2be49bfd9fb6313/GitPython-2.1.5-py2.py3-none-any.whl\#md5\=d3ecb26cb22753f4414f75f721f6f626z > gitpython.whl`
`136`		`-curl https://pypi.python.org/packages/7e/13/2a556eb97dcf498c915e5e04bb82bf74e07bb8b7337ca2be49bfd9fb6313/GitPython-2.1.5-py2.py3-none-any.whl.asc > gitpython-signature.asc`
	`135`	`+curl https://pypi.python.org/packages/5b/38/0433c06feebbfbb51d644129dbe334031c33d55af0524326266f847ae907/GitPython-2.1.8-py2.py3-none-any.whl#md5=6b73ae86ee2dbab6da8652b2d875013a > gitpython.whl`
	`136`	`+curl https://pypi.python.org/packages/5b/38/0433c06feebbfbb51d644129dbe334031c33d55af0524326266f847ae907/GitPython-2.1.8-py2.py3-none-any.whl.asc > gitpython-signature.asc`
`137`	`137`	`gpg --verify gitpython-signature.asc gitpython.whl`
`138`	`138`	```
`139`	`139`
`140`	`140`	`which outputs`
`141`	`141`
`142`	`142`	```
`143`		`-gpg: Signature made Sat Jun 10 20:22:49 2017 CEST using RSA key ID 3B07188F`
`144`		`-gpg: Good signature from "Sebastian Thiel (In Rust I trust!) <byronimo@gmail.com>" [unknown]`
`145`		`-gpg: WARNING: This key is not certified with a trusted signature!`
`146`		`-gpg: There is no indication that the signature belongs to the owner.`
`147`		`-Primary key fingerprint: 4477 ADC5 977D 7C60 D2A7 E378 9FEE 1C6A 3B07 188F`
	`143`	`+gpg: Signature made Mon Dec 11 17:34:17 2017 CET`
	`144`	`+gpg: using RSA key C3BC52BD76E2C23BAC6EC06A665F99FA9D99966C`
	`145`	`+gpg: issuer "byronimo@gmail.com"`
	`146`	`+gpg: Good signature from "Sebastian Thiel (I do trust in Rust!) <byronimo@gmail.com>" [ultimate]`
`148`	`147`	```
`149`	`148`
`150`	`149`	`You can verify that the keyid indeed matches the release-signature key provided in this`
`@@ -164,18 +163,12 @@ If you would like to trust it permanently, you can import and sign it:`
`164`	`163`
`165`	`164`	```
`166`	`165`	`gpg --import ./release-verification-key.asc`
`167`		`-gpg --edit-key 9FEE1C6A3B07188F`
	`166`	`+gpg --edit-key 88710E60`
	`167`	`+`
`168`	`168`	`> sign`
`169`	`169`	`> save`
`170`	`170`	```
`171`	`171`
`172`		`-Afterwards verifying the tarball will yield the following:`
`173`		-```
`174`		`-$ gpg --verify gitpython-signature.asc gitpython.whl`
`175`		`-gpg: Signature made Sat Jun 10 20:22:49 2017 CEST using RSA key ID 3B07188F`
`176`		`-gpg: Good signature from "Sebastian Thiel (In Rust I trust!) <byronimo@gmail.com>" [ultimate]`
`177`		-```
`178`		`-`
`179`	`172`	`### LICENSE`
`180`	`173`
`181`	`174`	`New BSD License. See the LICENSE file.`