Follow-up Comment #3, bug #23510 (project findutils):
Would you accept alternate verification of this release, such as a gpg signed
email asserting the SHA1 sum of the primary tarball, using a newer key to sign
the mail?
It's possible (albeit a bit more difficult) to update the .sig on the FTP
site; do we need to look into taking the action of posting a replacement .sig
with a newer key?
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?23510>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
