new_installer_offline_XXXX.jar.sig is supposed to be a gpg signature of new_installer_offline_XXXX.jar. Unfortunately, due to a bug in a script, everything before 1245 has bogus signatures, resulting from me signing the jar with gpg and *then* signing it internally with jarsigner. Therefore I am uploading .newsig's with the new key (which was created around build 1241). I am only signing those files that I have copies of locally, so a few early jars are not signed at all. This bug did not affect other signatures as far as I can see.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list [email protected] http://osprey.vm.bytemark.co.uk/cgi-bin/mailman/listinfo/devl
