Tom Horsley wrote: > The torrents for the Fedora downloads include gpg signed > checksum files (SHA1SUM for old releases, *-CHECKSUM for > fedora 11 beta and wot-not). > > It would sure be handy to have instructions directly > on the download pages that tell you how to actually > verify the signature and check the checksums :-). Well, the main get-fedora page does have a link to the verification instructions¹ in the Resources block that is just to the right of the download links. The get-prerelease page doesn't have all of that detail, but I think the general assumption is that the sort of folks who are comfortable running the pre-releases are able to find their way to the verification page (and to figure out the minor differences in filenames and such between the F10 and F11 Beta release) > Is this a good place to complain about that, or is > another list or bugzilla component better? See http://fedoraproject.org/wiki/Websites#Bugs ¹ https://fedoraproject.org/verify -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Honesty is the best policy, but insanity is a better defense.
Attachment:
pgpGLY6WjnGTF.pgp
Description: PGP signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
