On Mon, Mar 11, 2013 at 10:56 AM, Ethan Blanton <e...@pidgin.im> wrote: > C B spake unto us the following wisdom: >> I don't have a problem to report but rather a suggestion that a checksum >> (preferably SHA256) be provided for downloads for people to verify that >> they have a trusted file. > > Digital signatures are provided, which are a strictly stronger > assurance than a simple checksum. There is no link from the pidgin.im > download page, but they are available from the SourceForge file list: > > http://sourceforge.net/projects/pidgin/files/Pidgin/2.10.7/
In addition to that, the FAQ links to https://developer.pidgin.im/wiki/Are%20the%20packages%20signed which contains details about how to verify that the package you're using is signed appropriately. _______________________________________________ Support@pidgin.im mailing list Want to unsubscribe? Use this link: http://pidgin.im/cgi-bin/mailman/listinfo/support
