No it's not just you, and it's particularly important now that we are moving to the mirrors as we don't have control over the majority of the distribution points now.
Xindice has an Md-5 hash which can be read from www.apache.org/dist which will do the trick until the next release.
I just checked the dist directory and it looks like Jeff is right in the middle of uploading a new version of forrest with PGP signatures :>.
Cheers,
BerinShane Curcuru wrote:
Is it just me, or don't we have a policy that all software distributions should be PGP/GPG or equivalently signed with the release manager's key? 8-)
Admittedly, plus points to Forrest and Xindice since they've already moved their distributions to the mirroring system at www.apache.org/dist/xml/[subproject]. But I'd really like to see future releases also get signed before they're put on the distro site.
Thanks, Shane
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
