diff --git a/.pubkey/marc_s_weidner_msw+bot@coreseret.dev_0x8733B021_public.gpg b/.pubkey/marc_s_weidner_msw+bot@coreseret.dev_0x8733B021_public.gpg
new file mode 100644
index 0000000..fe51115
Binary files /dev/null and b/.pubkey/marc_s_weidner_msw+bot@coreseret.dev_0x8733B021_public.gpg differ
diff --git a/.pubkey/marc_s_weidner_msw@coresecret.dev_0xE62E84F8_public.gpg b/.pubkey/marc_s_weidner_msw@coresecret.dev_0xE62E84F8_public.gpg
new file mode 100644
index 0000000..f9bd239
Binary files /dev/null and b/.pubkey/marc_s_weidner_msw@coresecret.dev_0xE62E84F8_public.gpg differ
diff --git a/config/hooks/live/0001_initramfs_modules.chroot b/config/hooks/live/0001_initramfs_modules.chroot
index e2ca7b9..7e19a52 100644
--- a/config/hooks/live/0001_initramfs_modules.chroot
+++ b/config/hooks/live/0001_initramfs_modules.chroot
@@ -441,6 +441,14 @@ for dir in bin usr/bin; do
 ln -sf busybox "${DESTDIR}/${dir}/sleep"
 done
+
+### Install PGP Signing Keys
+install -m 0444 /root/.ciss/cdlb/keys/0x8733B021_public.gpg "${DESTDIR}/etc/keys/0x8733B021_public.gpg"
+printf "\e[92mSuccessfully executed: [install -m 0444 /root/.ciss/cdlb/keys/0x8733B021_public.gpg %s/etc/keys/0x8733B021_public.gpg] \n\e[0m" "${DESTDIR}"
+install -m 0444 /root/.ciss/cdlb/keys/0xE62E84F8_public.gpg "${DESTDIR}/etc/keys/0xE62E84F8_public.gpg"
+printf "\e[92mSuccessfully executed: [install -m 0444 /root/.ciss/cdlb/keys/0xE62E84F8_public.gpg %s/etc/keys/0xE62E84F8_public.gpg] \n\e[0m" "${DESTDIR}"
+
+
 printf "\e[92mSuccessfully executed: [0001_initramfs_modules.chroot] \n\e[0m"
 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
diff --git a/lib/lib_lb_config_write_trixie.sh b/lib/lib_lb_config_write_trixie.sh
index 1fe4583..265f5d4 100644
--- a/lib/lib_lb_config_write_trixie.sh
+++ b/lib/lib_lb_config_write_trixie.sh
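Review bot: The two added `install -m 0444 … "${DESTDIR}/etc/keys/…"` calls assume `${DESTDIR}/etc/keys` already exists, and nothing in this hunk creates it; `install -D -m 0444 SRC DEST` (or `install -d -m 0755 "${DESTDIR}/etc/keys"` first) would make the step self-contained. Each `printf "…Successfully executed…"` then runs regardless of the exit status, so unless the hook runs under `set -e` (not visible here) a failed copy is logged as success and the image is built without the verification key. Appending `|| exit 1` to each `install` keeps the log truthful and stops the build at the point where the trust anchor went missing.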
@@ -112,6 +112,13 @@ lb_config_write_trixie() {
 chmod 0755 "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/usr/lib/live/boot/0030-verify-checksums"
 chown root:root "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/usr/lib/live/boot/0030-verify-checksums"
+
+ ### Installing PGP Public Keys for signature verification.
+ mkdir -p "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/root/.ciss/cdlb/keys"
+ install -m 0444 -o root -g root "${VAR_WORKDIR}/.pubkey/marc_s_weidner_msw+bot@coreseret.dev_0x8733B021_public.gpg" "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/root/.ciss/cdlb/keys/0x8733B021_public.gpg"
+ install -m 0444 -o root -g root "${VAR_WORKDIR}/.pubkey/marc_s_weidner_msw@coresecret.dev_0xE62E84F8_public.gpg" "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/root/.ciss/cdlb/keys/0xE62E84F8_public.gpg"
+
+
 ### https://wiki.debian.org/ReproducibleInstalls/LiveImages
 ### https://reproducible-builds.org/docs/system-images/
 ### https://gitlab.tails.boum.org/tails/tails/-/blob/stable/config/chroot_local-includes/usr/share/tails/build/mksquashfs-excludes
diff --git a/scripts/usr/lib/live/config/.keep b/scripts/usr/lib/live/config/.keep
new file mode 100644
index 0000000..b4349f3
--- /dev/null
+++ b/scripts/usr/lib/live/config/.keep
@@ -0,0 +1,10 @@
+# SPDX-Version: 3.0
+# SPDX-CreationInfo: 2025-10-28; WEIDNER, Marc S.;
+# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git
+# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
+# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.;
+# SPDX-FileType: SOURCE
+# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
+# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
+# SPDX-PackageName: CISS.debian.live.builder
+# SPDX-Security-Contact: security@coresecret.eu
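Review bot: The two added `install -m 0444 -o root -g root "${VAR_WORKDIR}/.pubkey/…"` lines stage the work tree's key files into the image as trust anchors for signature verification, but nothing checks that they are the expected keys. The `0x8733B021` and `0xE62E84F8` names are 32-bit short key IDs, which are not collision-resistant and so do not identify a key. Comparing each file's full fingerprint with a value pinned in the builder before installing would catch a swapped or tampered key file, for example by checking the `fpr:` record of `gpg --show-keys --with-colons "$key"` against `<PINNED_FULL_FINGERPRINT>`. The first source path is spelled `coreseret.dev` while the second uses `coresecret.dev`; it matches the file added in this commit, so it resolves today, but it will stop resolving if the file is renamed to fix the spelling. `lb_config_write_trixie` starts and ends outside this hunk.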