On Wed, 2013-03-20 at 09:23 +0800, Gene Leung wrote:
It seems no one care about the public key. Then, why still put the
signature file there for download? Or any other way for verify the
integrity of the download.
no one cares is a bit harsh for 24hrs without a response.
This list is primarily people who use / administer Cyrus IMAPd. And I'd
wager most of those people use Cyrus from a package.
Packagers are ones who care most about things like checksums, and they
probably don't pay much attention to this list. I also wouldn't be
surprised these days if packagers didn't work directly from a git
checkout and just skipped the tgz.
Any where I can find the pubic key for verify the files downloaded of
the Cyrus IMAP software?
Anyway, nope, I do not see a checksum/sumkey at
ftp://ftp.cyrusimap.org/cyrus-imapd/
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus