On 2012-03-02, Kevin Fenzi <kevin@xxxxxxxxx> wrote: > On Fri, 2 Mar 2012 12:53:35 +0000 (UTC) > Petr Pisar <ppisar@xxxxxxxxxx> wrote: > >> On 2012-03-01, Michal Schmidt <mschmidt@xxxxxxxxxx> wrote: >> > Dne 1.3.2012 17:52, Petr Pisar napsal(a): >> >> where to get public key for verifying RPM signatures. >> > >> > The keys are at: https://fedoraproject.org/keys >> > >> And F16 primary key (A82BA4B7) is signed by... 1 guy. Awesome. >> >> And ISO images propagated on Fedora web pages have signatures where? >> I see, one must trim the URL manually and hope the web server lists >> directory and there will be a signature. > > https://fedoraproject.org/en/verify has a full list of them, but yes, > they should be in the same directory. > > If you can think of a better way to present this data, do say. > Put them right next to shiny Download links. If the datails about size are important enough, a link to signature could be there too. Like: Download Now! 605MB, ISO format image for Intel-compatible PCs (32-bit), signature Where the `signature' label would point to <http://download.englab.brq.redhat.com/pub/fedora/linux/releases/16/Live/i686/Fedora-16-i686-Live-CHECKSUM>. The `Verify Download' link is six sections underneath. Even bellow export regulations which nobody reads. To far. -- Petr -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
