During update or revert operations server components should be verified using GPG signatures. We need to change the update/revert handlers to handle missing public keys and add operations to manage the set of trusted public keys.