svn commit: r932032 - in /websites/staging/oodt/trunk/content: ./ download.html

Tue, 09 Dec 2014 13:33:07 -0800 

Author: buildbot
Date: Tue Dec  9 21:32:40 2014
New Revision: 932032

Log:
Staging update by buildbot for oodt

Modified:
    websites/staging/oodt/trunk/content/   (props changed)
    websites/staging/oodt/trunk/content/download.html

Propchange: websites/staging/oodt/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Tue Dec  9 21:32:40 2014
@@ -1 +1 @@
-1644191
+1644192

Modified: websites/staging/oodt/trunk/content/download.html
==============================================================================
--- websites/staging/oodt/trunk/content/download.html (original)
+++ websites/staging/oodt/trunk/content/download.html Tue Dec  9 21:32:40 2014
@@ -115,7 +115,9 @@ under the License.
     <h4>Official Release</h4>
         <p>
         <b>Semptember-2014</b>: The Latest Apache™ OODT version 0.7 is now 
released and available for download.</p>
+        <p>
         <a href="http://www.apache.org/dyn/closer.cgi/oodt"; class="clear 
actbutton">Download OODT</a>
+        </p>
 
         <h4>Mirrors</h4>
         <p>The link in the Mirrors column below should display a default 
mirror selection based on your inferred location. 
@@ -150,6 +152,24 @@ under the License.
   </tbody>
 </table>
 
+        <h4>Verify Releases</h4>
+        <p>It is essential that you verify the integrity of the downloaded 
files using the PGP, MD5 and/or SHA signatures. published with every OODT 
release.</p>
+        <p>Please read <a 
href="http://httpd.apache.org/dev/verification.html";>Verifying Apache HTTP 
Server Releases</a> for more information on why you should verify our 
releases.</p>
+        <p>We strongly recommend you verify your downloads with at least both 
PGP and MD5. Guidance for doing so is provided below.</p>
+
+        <h4>PGP Signature</h4>
+        <p>The PGP signatures can be verified using PGP or GPG. First download 
the <a href="http://www.apache.org/dist/oodt/KEYS-0.7.txt";>KEYS</a> as well as 
the asc signature file for the relevant distribution.</p>
+        <p>N.B.Make sure you get these files from the <a 
href="http://www.apache.org/dist/oodt/";>main distribution directory</a>, rather 
than from a mirror. Then verify the signatures using the following:</p>
+        <code>
+        $ gpg --import KEYS 
+        $ gpg --verify apache-gora-X.Y.Z-src.tar.gz.asc
+        </code>
+        <p>The files in the most recent release are signed by B876884A 
2007-12-24  Chris Mattmann (CODE SIGNING KEY) <[email protected]></p>
+
+        <h4>MD5 Signature</h4>
+
+        <h4>Previous Releases</h4>
+
     </div>
 
 <!-- end main content-->

Reply via email to