blautenb 2003/09/04 18:09:37
Modified: targets mirrors.html
Log:
Added Xindice and PGP instructions
Revision Changes Path
1.5 +81 -0 xml-site/targets/mirrors.html
Index: mirrors.html
===================================================================
RCS file: /home/cvs/xml-site/targets/mirrors.html,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- mirrors.html 4 Sep 2003 12:01:55 -0000 1.4
+++ mirrors.html 5 Sep 2003 01:09:37 -0000 1.5
@@ -341,11 +341,24 @@
the links below will direct you to an archive near you.
Alternative
mirror locations are also provided.
</p>
+
+<div class="frame note">
+
+<div class="label">Note</div>
+
+<div class="content">
+ You must <a href="#verify">verify the integrity</a> of the
downloaded
+ files using signatures downloaded from our main distribution
directory.
+ </div>
+
+</div>
<p>
The source archives below are the latest release
versions for each sub-project. Access to the latest (and
possibly
unstable) source can be accessed via <a
href="cvs.html">cvs</a>.
+ Archives of old releases can be found at the
+ <a href="http://archive.apache.org/dist/xml";>Apache
Archives</a>.
</p>
@@ -500,6 +513,74 @@
</ul>
+
+<p>
+<strong>Xindice</strong> - <em>unsigned</em>
+</p>
+
+<ul>
+
+<li>
+<a href="[preferred]/xml/xindice/xml-xindice-1.0.tar.gz">
+ Version 1.0 - tar.gz</a>
+</li>
+
+<li>
+<a href="[preferred]/xml/xindice/xml-xindice-1.0.zip">
+ Version 1.0 - zip</a>
+
+</li>
+
+</ul>
+
+
+<a name="verify"></a>
+
+<h3>Verify The Integrity of the Files</h3>
+
+
+<p>It is essential that you verify the integrity of the
+ downloaded files using the PGP or MD5 signatures.</p>
+
+
+<p>The PGP signatures can be verified using PGP or GPG.
+ First download the KEYS as well as the asc/sig signature
+ file for the particular distribution. Make sure you get
+ these files from the main distribution directory, rather
+ than from a mirror. Then verify the signatures using :
+ </p>
+
+
+<pre class="code">
+% pgpk -a KEYS
+% pgpv <archive-name>.tar.gz.asc
+</pre>
+
+<strong>or</strong>
+
+<pre class="code">
+% pgp -ka KEYS
+% pgp <archive-name>.tar.gz.asc
+</pre>
+
+<strong>or</strong>
+
+<pre class="code">
+% gpg --import KEYS
+% gpg --verify <archive-name>.tar.gz.asc
+</pre>
+
+
+<p>
+Alternatively, you can verify the MD5 signature on the files.
+A unix program called md5 or md5sum is included in many unix distributions.
+It is also available as part of
+<a href="http://www.gnu.org/directory/text/wordproc/textutils.html";>GNU
Textutils</a>.
+Windows users can get binary md5 programs from
+<a href="http://www.fourmilab.ch/md5/";>here</a>,
+<a href="http://www.pc-tools.net/win32/freeware/console/";>here</a>, or
+<a href="http://www.slavasoft.com/fsum/";>here</a>.
+</p>
</div>
</td><td width="10"><img width="10" height="1" alt=""
src="skin/images/spacer.gif" class="spacer"></td>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
