[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Weechat-dev] [bug #37428] GPG signatures and downloading over TLS
|
From: |
Abel Luck |
|
Subject: |
[Weechat-dev] [bug #37428] GPG signatures and downloading over TLS |
|
Date: |
Sun, 23 Sep 2012 16:38:21 +0000 |
|
User-agent: |
Mozilla/5.0 (Windows NT 6.1; rv:10.0) Gecko/20100101 Firefox/10.0 |
URL:
<http://savannah.nongnu.org/bugs/?37428>
Summary: GPG signatures and downloading over TLS
Project: WeeChat
Submitted by: abelxluck
Submitted on: Sun 23 Sep 2012 04:38:21 PM GMT
Category: packaging
Severity: 3 - Normal
Item Group: security
Status: None
Privacy: Public
Assigned to: None
Originator Name:
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Release: other
IRC nick: abeluck
_______________________________________________________
Details:
Hi there, I can't seem to find any signatures to download and verify along
side the binary packages or source tarballs.
Most users probably get weechat from their distro's packages, but as far as I
can tell, the packagers have no way to verify the authenticity of the source
tarballs they download.
It would be great if the download page could link to the signature, moreover,
if the downloads were available for TLS, that would be useful as well.
If you have any questions about how to implement GPG signing/verification into
the release process, let me know, I'd be more than happy to help.
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/bugs/?37428>
_______________________________________________
Message sent via/by Savannah
http://savannah.nongnu.org/
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Weechat-dev] [bug #37428] GPG signatures and downloading over TLS,
Abel Luck <=