Download verification checking request
As per [ 1061119 ] Provide verification and/or security measures for downloads <http://sf.net/tracker/?func=detail&atid=498106&aid=1061119&group_id=61702> the 1.0.1 release (and future releases) includes some measures to try and let people confirm that their download is valid. Specifically, the file sizes and MD5 checksums are listed on the download page: <http://spambayes.org/download.html> and there are PGP signatures for each of the three files, signed by the release manager (me, for this one). I'm pretty new to this stuff - I'm pretty sure that the MD5s and sizes are correct, but not 100% about the signatures. If someone familiar with this stuff could use the signatures to verify the files, and let me know (either here or via the tracker above) so that I know I've done the process correctly, that would be fantastic. Thanks! =Tony.Meyer -- Please always include the list (spambayes@python.org) in your replies (reply-all), and please don't send me personal mail about SpamBayes. http://www.massey.ac.nz/~tameyer/writing/reply_all.html explains this.
Suggestions: Use an ascii sig (gpg -ba) Put the sig files on the website directly, they're too small to justify putting in the Files section. Put your key id on the download page - that way people can more easily fetch it from the keyservers.
I grabbed your public key, the spambayes-1.0.1.tar.gz tarball, and spambayes-1.0.1.tar.gz.asc sig file. I followed the instructions on the website (testing those, too) and everything worked just fine. ...s. Tony Meyer wrote:
As per
[ 1061119 ] Provide verification and/or security measures for downloads <http://sf.net/tracker/?func=detail&atid=498106&aid=1061119&group_id=61702>
the 1.0.1 release (and future releases) includes some measures to try and let people confirm that their download is valid. Specifically, the file sizes and MD5 checksums are listed on the download page:
<http://spambayes.org/download.html>
and there are PGP signatures for each of the three files, signed by the release manager (me, for this one).
I'm pretty new to this stuff - I'm pretty sure that the MD5s and sizes are correct, but not 100% about the signatures. If someone familiar with this stuff could use the signatures to verify the files, and let me know (either here or via the tracker above) so that I know I've done the process correctly, that would be fantastic.
Thanks!
=Tony.Meyer
-- Scott Burns <scott@lentigo.net> <http://www.lentigo.net/scott> pub 1024D/9DA64618 2001-11-17 Scott Burns <scott@lentigo.net> Fingerprint: 2F1B A22E 33C3 FD3D BBE4 D5E2 728B 4753 9DA6 4618
participants (3)
-
Anthony Baxter -
Scott Burns -
Tony Meyer