-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello,
Some handy code for those using windows and powershell to check releases . To generate checksums use CertUtil command: SHA512: "CertUtil -hashfile 'apache-taverna-parent-2-incubating-source-release.zip' SHA512" MD5: "CertUtil -hashfile 'apache-taverna-parent-2-incubating-source-release.zip' MD5" SHA1 (the default for CertUtil): "CertUtil -hashfile 'apache-taverna-parent-2-incubating-source-release.zip'" To check the key used to sign the artifacts: 1) Download the taverna key file from https://dist.apache.org/repos/dist/release/incubator/taverna/KEYS 2) Import the key file into GPG: gpg --import keys.txt 3) Verify the file: gpg --verify '.\apache-taverna-language-0.15.1-incubating-source-release.zip' See https://httpd.apache.org/dev/verification.html for some general verification info. Cheers, Ian - -- Ian Dunlop, eScience Lab School of Computer Science The University of Manchester http://orcid.org/0000-0001-7066-3350 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJW1Es0AAoJEPK45GBX+Cy5hXsIAKAIuyjwCJmVddOA1DJ/NSv8 qUXvygPsQ7bhctCVbt6WmWxXW8rJ8QuAAkyazOe3xP3p9JpXAT0mHKDcX4fgSLxq zbIg2CO+QtOEEuOfWL7Vc3mTIETYGVpiKOUaL0bEbTshEZEjBFWdRUTA5/qQ4fzQ wAswLwvIYZCNNOpXas/3SefWOiHPUE/5+MjIEMNiyv2RUL97p+F5etJx/KNTFFWE unuMabtsABNGXO4nQ/wHCMSPXOXKaLMI8fi0MiTcDvDP6JePQIp1pjnPow7xhosi JaD3EAsKo/sCoAA08pbkseWeZl2IdsyyRch/pydI8H6wOieFwKW6M58xEBC9GUQ= =DANo -----END PGP SIGNATURE-----
