OK, makes sense, we can add it. Regards, Martin
> On 27 Apr 2016, at 14:57, [email protected] wrote: > > Hi Martin, > > yes, I know, but what if someone was able to break into the download server? > He/she could put a malicious monit source code there and of course also > change the checksum file. So from a security point of view, it would be > useful to be able to verify the authenticity and integrity of a program by > verifying the signature of it before installing it into production. > > Regards > Tim > > >>> Hi Tim, > >>> we distribute an sha256 checksum with each source code and binary release, >>> you >>> can check the archive consistency using a checksum: >>> https://mmonit.com/monit/dist/ > >>> Regards, >>> Martin > > >> On 26 Apr 2016, at 16:28, address@hidden wrote: >> >> Hi, >> >> I would really appreciate a digital signature for the monit source code for >> security reasons, so I can be sure it hasn't been tampered with by someone. >> >> Regards >> Tim >> >> >> >> -- >> To unsubscribe: >> https://lists.nongnu.org/mailman/listinfo/monit-general > > > > > -- > To unsubscribe: > https://lists.nongnu.org/mailman/listinfo/monit-general -- To unsubscribe: https://lists.nongnu.org/mailman/listinfo/monit-general
