[Fedora-ia64-list] Fedora 9 release ISOs not GPG signed?
Ben Webb
ben at salilab.org
Tue Jul 8 17:13:49 UTC 2008
Doug Chapman wrote:
> On Tue, 2008-07-08 at 08:22 -0700, Ben Webb wrote:
>> Congratulations on the release of Fedora 9 for IA64! I just noticed that
>> the SHA1SUM file at
>> http://secondary.fedoraproject.org/pub/fedora-secondary/releases/9/Fedora/ia64/iso/
>> is not GPG signed (unlike the primary archs) - thus, I cannot verify
>> that the DVD image I downloaded has not been tampered with.
>>
>> Is this intentional, or will signatures for SHA1SUM be incorporated into
>> the file or separately published at some point? Would you prefer that I
>> open a Bugzilla report (and if so, what would the component be)?
>>
>> Ben
>
> This should be on the server by tomorrow. Attaching the file signed
> with the ia64 key here as well.
Much appreciated, thanks! Everything checks out OK, which is not exactly
surprising, but it's nice to be sure. ;)
Ben
--
ben at salilab.org http://salilab.org/~ben/
"It is a capital mistake to theorize before one has data."
- Sir Arthur Conan Doyle
More information about the Fedora-ia64-list
mailing list