the its hash with the hash in the hashsum file served out from
apache.org.
Verifying the signature will go that step further by checking that the
person who created the released artifact is in the Apache web of
trust.
So, I would like to remvoe the the superfluous .asc.md5 / .asc.sha1
files
by checking that the
person who created the released artifact is in the Apache web of
trust.
So, I would like to remvoe the the superfluous .asc.md5 / .asc.sha1
files and for us to not create them in our release process any longer.
I'll remove them in 24 hours to wait for objections, if any
hash with the hash in the hashsum file served out from
apache.org.
Verifying the signature will go that step further by checking that the
person who created the released artifact is in the Apache web of
trust.
So, I would like to remvoe the the superfluous .asc.md5 / .asc.sha1
files
