Re: Making PGP distribution key well-known

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2012-03-02, Kevin Fenzi <kevin@xxxxxxxxx> wrote:
> On Fri, 2 Mar 2012 12:53:35 +0000 (UTC)
> Petr Pisar <ppisar@xxxxxxxxxx> wrote:
>
>> On 2012-03-01, Michal Schmidt <mschmidt@xxxxxxxxxx> wrote:
>> > Dne 1.3.2012 17:52, Petr Pisar napsal(a):
>> >> where to get public key for verifying RPM signatures.
>> >
>> > The keys are at: https://fedoraproject.org/keys
>> >
>> And F16 primary key (A82BA4B7) is signed by... 1 guy. Awesome.
>>
>> And ISO images propagated on Fedora web pages have signatures where?
>> I see, one must trim the URL manually and hope the web server lists
>> directory and there will be a signature.
>
> https://fedoraproject.org/en/verify has a full list of them, but yes,
> they should be in the same directory.
>
> If you can think of a better way to present this data, do say.
>
Put them right next to shiny Download links. If the datails about size
are important enough, a link to signature could be there too. Like:

Download Now!
605MB, ISO format image for Intel-compatible PCs (32-bit), signature

Where the `signature' label would point to
<http://download.englab.brq.redhat.com/pub/fedora/linux/releases/16/Live/i686/Fedora-16-i686-Live-CHECKSUM>.

The `Verify Download' link is six sections underneath. Even bellow
export regulations which nobody reads. To far.

-- Petr

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux