[jira] [Created] (NUTCH-2488) Please use SSL (https) for KEYS, sigs, hashes

Sebb (JIRA) Wed, 27 Dec 2017 11:25:11 -0800

Sebb created NUTCH-2488:
---------------------------

             Summary: Please use SSL (https) for KEYS, sigs, hashes
                 Key: NUTCH-2488
                 URL: https://issues.apache.org/jira/browse/NUTCH-2488
             Project: Nutch
          Issue Type: Improvement
          Components: website
         Environment: http://nutch.apache.org/downloads.html
            Reporter: Sebb



As the subject says: Please use https (SSL) for links to KEYS, hashes, sigs.

Also the GPG verification instructions are wrong.

The command line should be (for example):

$ gpg --verify apache-nutch-X.Y.Z-src.tar.gz.asc apache-nutch-X.Y.Z-src.tar.gz

it's important that both the sig file (which must be the first parameter) and 
the target to be check are both specified, see:

See:
https://www.apache.org/info/verification.html#CheckingSignatures



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (NUTCH-2488) Please use SSL (https) for KEYS, sigs, hashes

Reply via email to