Am 21.06.2017 um 16:33 schrieb Samuli Seppänen: > On 21/06/2017 17:06, Simon Matter wrote: >>> On Wed, Jun 21, 2017 at 6:47 AM, Samuli Seppänen <sam...@openvpn.net> >>> wrote: >>>> The OpenVPN community project team is proud to release OpenVPN 2.4.3. It >>>> can be downloaded from here: >>>> >>>> <http://openvpn.net/index.php/open-source/downloads.html> >>> Hi. Thanks for this release. >>> >>> Verifying the PGP signature on 2.3.17.tar.gz works fine (so did 2.4.2 >>> a few weeks ago), but trying to verify the signature on 2.4.3.tar.gz >>> fails with: >> I wanted to ask this during the 2.4.2 hickup but now I really ask because >> there is confusion again with 2.4.3: >> >> Could you please add check sums of all release files so that one can >> easily check to have the correct download. Even MD5 works better no check >> sum :-) >> >> Regards, >> Simon >> > Makes sense. I'll see if I could tackle that tomorrow. > > Meanwhile I added a test script which downloads every release file and > verifies their signatures. I will run this script as part of the release > process.
It makes no sense at all. Don't start that! You already provide detached GnuPG signatures, which are better suited for most purposes and incidentally also cover the "checksum" purpose. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
