On Mon, Mar 29, 2010 at 10:19:26AM -0400, Brian Gough wrote: > I have a question regarding the release tarballs on ftp.gnome.org. > As far as I can tell, these are not gpg-signed. Is that correct?
They aren't signed. > Are signatures available anywhere else or is there any alternative way > to check them? We provide a hash, but that is not the same. > I'm working on a collected release of all GNU software packages and > we'd like to verify everything that goes in it. Thanks. -- Regards, Olav _______________________________________________ gnome-infrastructure mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
