Sebb created COCOON-2370: ---------------------------- Summary: Download page gpg example needs second parameter Key: COCOON-2370 URL: https://issues.apache.org/jira/browse/COCOON-2370 Project: Cocoon Issue Type: Bug Components: * Cocoon Core Reporter: Sebb
It is important that the file being checked is also specified [1] on the gpg command line [2] If the second paramater is omitted, gpg can report success without actually checking the main artifact. This should not happen on correctly constructed ASF downloads, as we only provide detached sigs, but we should not be documenting bad practise. [1] https://www.apache.org/info/verification.html#specify_both [2] http://cocoon.apache.org/mirror.html -- This message was sent by Atlassian Jira (v8.3.4#803005)