[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [be] Verification of release tar balls
|
From: |
Teus Benschop |
|
Subject: |
Re: [be] Verification of release tar balls |
|
Date: |
Mon, 27 Sep 2010 18:51:37 +0200 |
On Mon, 2010-09-27 at 19:40 +1000, John Marshall wrote:
> The checksums, by themselves, provide a means to verify the integrity of
> the downloaded tar ball (is it OK or corrupted). A PGP signature
> provides that PLUS a means of verifying the origin of the published tar
> ball.
The GnuPG key-pair was generated and the public key was uploaded to
hkp://keys.gnupg.net. Its ID is 71D6A5C6. The detached signature was
created, and was uploaded to the directory where the tar ball is. This
should give the possibility of verifying the tar balls that they are
good.
Teus
- [be] Verification of release tar balls, John Marshall, 2010/09/23
- Re: [be] Verification of release tar balls, Teus Benschop, 2010/09/23
- Re: [be] Verification of release tar balls, Jonathan Marsden, 2010/09/23
- Re: [be] Verification of release tar balls, Teus Benschop, 2010/09/24
- Re: [be] Verification of release tar balls, David Gardner, 2010/09/24
- Re: [be] Verification of release tar balls, Teus Benschop, 2010/09/24
- Re: [be] Verification of release tar balls, Jonathan Marsden, 2010/09/24
- Re: [be] Verification of release tar balls, Teus Benschop, 2010/09/25
- Re: [be] Verification of release tar balls, John Marshall, 2010/09/27
- Re: [be] Verification of release tar balls,
Teus Benschop <=
- Re: [be] Verification of release tar balls, John Marshall, 2010/09/27