Add information on how to fetch PGP Ring public key

Issue generated from Tuleap's migration script. Originally submitted by: Guillaume Roguez (guillaume)

The fact that manualy installed packages (GNU/Linux ones) need to have an installed Ring public key
on the user system is not indicated anywhere.

Who wants to check the signature of our packages needs this key.

An example on Fedora to fetch and install this key:
gpg --keyserver pgp.mit.edu --recv-keys A295D773307D25A33AE72F2F64CD5FA175348F84
gpg --export -a A295D773307D25A33AE72F2F64CD5FA175348F84 > /tmp/ring.pubkey
sudo rpm --import /tmp/ring.pubkey