I vote +1: * confirmed sigs & hashes with `coho verify-archive` * verified sha1s match tags with `coho verify-tags` have Apache-compatible licenses * recreated archives to ensure contents match release candidate
smime.p7s
Description: S/MIME cryptographic signature
