Thanks for the quick response; that makes sense from the security standpoint.
For your reference, I ran across this concern via https://github.com/saltstack-formulas/zookeeper-formula/issues/14 which I've updated. On Wed, Apr 29, 2015 at 1:29 PM, Michi Mutsuzaki <[email protected]> wrote: > You can find these files here: https://www.apache.org/dist/zookeeper/ > > I guess these files are not mirrored for security reasons. > > On Wed, Apr 29, 2015 at 10:49 AM, Flavio Junqueira > <[email protected]> wrote: > > That's weird, we definitely generate them for the RCs, and I'm quite > sure were publishing them: > > http://people.apache.org/~fpj/zookeeper-3.4.6-candidate-0/ > > > > I'm not sure what's going, and Pat Hunt might know about it. I'll see if > I can find out more in the meanwhile. > > -Flavio > > > > > > > > On Wednesday, April 29, 2015 4:13 PM, ralph tice < > [email protected]> wrote: > > > > > > > > Hi, > > > > I was surprised to discover that releases haven't been published with > > MD5/etc signatures since 3.3.2. > > > > Is this an intentional change by the project or an oversight? Is there > an > > alternative method of verifying integrity of releases? > > > > Thanks, > > > > --Ralph > > > > > > > > >
