Re: gpg checking downloads

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Tom Horsley wrote:
> The torrents for the Fedora downloads include gpg signed
> checksum files (SHA1SUM for old releases, *-CHECKSUM for
> fedora 11 beta and wot-not).
>
> It would sure be handy to have instructions directly
> on the download pages that tell you how to actually
> verify the signature and check the checksums :-).

Well, the main get-fedora page does have a link to the verification
instructions¹ in the Resources block that is just to the right of the
download links.

The get-prerelease page doesn't have all of that detail, but I think
the general assumption is that the sort of folks who are comfortable
running the pre-releases are able to find their way to the
verification page (and to figure out the minor differences in
filenames and such between the F10 and F11 Beta release)

> Is this a good place to complain about that, or is
> another list or bugzilla component better?

See http://fedoraproject.org/wiki/Websites#Bugs

¹ https://fedoraproject.org/verify

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Honesty is the best policy, but insanity is a better defense.

Attachment: pgpEISSiBHYEK.pgp
Description: PGP signature

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux