On Oct 1, 2007, at 12:34 AM, Boyle Owen wrote:
Is there a reason for the coyness or is it just an oversight, like people who send out invites to parties with elaborate directions and clip-art but forget to put the date?
PGP to the rescue! Just downloaded the release, and Safari preserves the modification time:
[EMAIL PROTECTED] downloads $ curl -I "http://mirrors.sirium.net/ pub/apache/httpd/httpd-2.2.6.tar.gz"
HTTP/1.1 200 OK Date: Mon, 01 Oct 2007 13:51:22 GMT Server: Apache Last-Modified: Thu, 06 Sep 2007 19:31:02 GMT ETag: "547541-5bfe97-46e05576" Accept-Ranges: bytes Content-Length: 6028951 Content-Type: application/x-gzip [EMAIL PROTECTED] downloads $ ls -lt httpd-2.2.6.tar.gz*-rw-r--r-- 1 sctemme admin 53 Sep 6 12:31 httpd-2.2.6.tar.gz.md5
-rw-r--r-- 1 sctemme admin 6028951 Sep 6 12:31 httpd-2.2.6.tar.gz-rw-r--r-- 1 sctemme admin 186 Sep 6 12:31 httpd-2.2.6.tar.gz.asc
Now when I verify the PGP signature: [EMAIL PROTECTED] downloads $ gpg --verify httpd-2.2.6.tar.gz.ascgpg: Signature made Tue Sep 4 13:09:41 2007 PDT using DSA key ID 08C975E5
gpg: Good signature from "Jim Jagielski <[EMAIL PROTECTED]>" gpg: aka "Jim Jagielski <[EMAIL PROTECTED]>" gpg: aka "Jim Jagielski <[EMAIL PROTECTED]>" gpg: aka "Jim Jagielski <[EMAIL PROTECTED]>" gpg: aka "Jim Jagielski <[EMAIL PROTECTED]>"Note the time stamp on the signature. Of course this is the time of the clock on Jim's computer: I don't think GPG can get a trusted timestamp for signatures. I looked through the options and saw none.
Perhaps that's something to look into, but for now there is a timestamp on the signature.
S. -- Sander Temme [EMAIL PROTECTED] PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF
smime.p7s
Description: S/MIME cryptographic signature
