When I was investigating this, I noticed this was a generic template.
So, yes, I think this would benefit other ASF projects as well.
Cheers,
Hans
On 08/05/2015 01:26 PM, Gary wrote:
On 05/08/15 09:07, Hans Polak wrote:
-------- Forwarded Message --------
Subject: Re: KEYS
Date: Tue, 4 Aug 2015 11:47:17 -0700
From: Ryan J Ollos <[email protected]>
To: Hans Polak <[email protected]>
CC: Gary Martin <[email protected]>
On Tue, Aug 4, 2015 at 4:20 AM, Hans Polak <[email protected]
<mailto:[email protected]>> wrote:
Hi!
I've downloaded the Bloodhound 0.8 tar file and, for the very first
time, I've tried to verify a file. I'd like to briefly tell you the
problems I've encountered.
On the http://bloodhound.apache.org/ page, there's a link to the tar
file
http://www.apache.org/dyn/closer.cgi/bloodhound/apache-bloodhound-0.8.tar.gz
1. This page contains information about the download and about the
verification.... but it doesn't contain links to the asc files, nor
the keys file.
2. I found the asc file here:
http://www.eu.apache.org/dist/bloodhound/
3. I found the keys file here:
https://dist.apache.org/repos/dist/dev/bloodhound/KEYS
I'd like to suggest that the verification section include links to
these files.
Yours sincerely,
Hans Polak
Hi Hans,
Thank you for the email. I'm not very involved in the Bloodhound
project these days. Could you please forward your email to the users@
mailing list?
https://issues.apache.org/bloodhound/wiki/BloodhoundContactInfo
Thanks,
- Ryan
Hi Hans,
Thank you for the suggestion. If I correctly interpret the page you
mean, it is possible that we can't directly control the display of the
download page. Of course, if that is the case, your suggestion might
well benefit all ASF projects which could be a very nice result!
We should try to confirm that we are not doing anything different to
other ASF projects in this area. I think it is also worth our while
considering work-arounds as we should encourage users to verify the
download.
Many thanks again.
Cheers,
Gary
