Tom Horsley wrote: > The torrents for the Fedora downloads include gpg signed > checksum files (SHA1SUM for old releases, *-CHECKSUM for > fedora 11 beta and wot-not). > > It would sure be handy to have instructions directly > on the download pages that tell you how to actually > verify the signature and check the checksums :-). It'd be easy enough to add a small box, as on the get-fedora-all page, that says "After downloading an ISO, verify it" with a link to the verify page. The one issue that would remain is that the filenames have changed since the previous releases and I'm not sure that it's best to change the verify text to reflect that just yet. If we did, it would be confusing to folks looking to verify their download of the stable F10 release. If we wait until F11 is the stable release, I think it may be acceptable to let folks downloading an older release figure out that the filenames need changing, I think. (This is more or less what I tried to say the other day¹.) ¹ https://www.redhat.com/archives/fedora-websites-list/2009-April/msg00001.html -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Sometimes the majority only means that all the fools are on the same side. -- Michael W. Smith
Attachment:
pgpUaVN4VlRu8.pgp
Description: PGP signature
-- Fedora-websites-list mailing list Fedora-websites-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-websites-list
