-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have a question regarding the release tarballs on ftp.gnome.org. As far as I can tell, these are not gpg-signed. Is that correct?
Are signatures available anywhere else or is there any alternative way to check them? I'm working on a collected release of all GNU software packages and we'd like to verify everything that goes in it. Thanks. - -- Brian Gough -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iJwEAQECAAYFAkuwtsgACgkQ9U2K2oCCH+o6FgP/Xm++xAZHBHq4BZB91Fk/uFVQ ozSErmWehGG7TWgwhZX9sdV5vW3/4SAAi2juTiXOvFIenWqHz/h407SBVZ6vAAK4 n43VkvjDBsqKse35VLXcqNbu6DTYhjsm9QGv3sFPh2H+kujn3RYBzXf5PSJQ6yFG saAGbzOIvEVwiQ1A6Qg= =9mxL -----END PGP SIGNATURE----- _______________________________________________ gnome-infrastructure mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
