Hi, On Sun, Jun 4, 2017 at 8:33 AM, <vbzfua@xxxxxxxxxxxx> wrote: > Please consider taking the following actions to protect the integrity of the GIMP.org binary software distributions. We indeed don't sign our tarball at this point, though we have checksums (but only MD5, I see; would be good if we used better hash functions. It would be indeed a good idea to sign as well. This said, our flatpak repository/packages will be fully signed with GPG. Jehan > Creating a GIMP software signing GPG key.Publishing and mirroring the above pub key and fingerprint.Signing the GIMP binary distributions with the above key.Publishing and mirroring the resulting .asc signatures. > -eom > _______________________________________________ > gimp-developer-list mailing list > List address: gimp-developer-list@xxxxxxxxx > List membership: https://mail.gnome.org/mailman/listinfo/gimp-developer-list > List archives: https://mail.gnome.org/archives/gimp-developer-list -- ZeMarmot open animation film http://film.zemarmot.net Patreon: https://patreon.com/zemarmot Tipeee: https://www.tipeee.com/zemarmot _______________________________________________ gimp-developer-list mailing list List address: gimp-developer-list@xxxxxxxxx List membership: https://mail.gnome.org/mailman/listinfo/gimp-developer-list List archives: https://mail.gnome.org/archives/gimp-developer-list
