on 3/2/01 6:06 AM, "GOMEZ Henri" <[EMAIL PROTECTED]> wrote:
> Wby not just use the standard ASF (PGP and md5 signatures)
I have been using that technique for Apache JServ (and the rest of the
projects that I'm involved with) for years now.
In fact after the white hack break in, I even went back and verified the
files.
+1
Signing .jar files is a good idea, but isn't needed for protecting against
the hacker attacks.
Anyway, instead of discussing this forever until you get so bored with the
discussion that it doesn't happen (like 90% of the stuff that has been going
on recently around here), just do it. Make it happen. Take the initiative.
-jon
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
