Ignore that, found this: http://linuxconfig.org/how-to-verify-an-authenticity-of-downloaded-debian-iso-images
Although I have no idea how it is connecting to the keyring.debian.org :-S On 14/07/2015, Mark Richards <[email protected]> wrote: > Hi, > > I've noticed that you host downloads over http. > This in itself isn't a problem, except I'm not in a position where I can > trust my networks not to spoof http sites. > > I'd like to verify that the download I get is correct using a secure > source. > I believe the simplest way is https. > > Do you have an https hosted link to gpg keys or sha2/3 sums that can be > used to verify the download? > > Regards > Mark > -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/CAHUjVGPqXL3Xz=F3dxsQj44iVL5o=uoyhbcsoihnb7sjrzd...@mail.gmail.com
