svn commit: r1348979 - /tomcat/jk/trunk/tools/dist/README.html

[markt]

Author: markt
Date: Mon Jun 11 19:26:06 2012
New Revision: 1348979

URL: http://svn.apache.org/viewvc?rev=1348979&view=rev
Log:
Make verification text consistent across all components

Modified:
    tomcat/jk/trunk/tools/dist/README.html

Modified: tomcat/jk/trunk/tools/dist/README.html
URL: 
http://svn.apache.org/viewvc/tomcat/jk/trunk/tools/dist/README.html?rev=1348979&r1=1348978&r2=1348979&view=diff
==============================================================================
--- tomcat/jk/trunk/tools/dist/README.html (original)
+++ tomcat/jk/trunk/tools/dist/README.html Mon Jun 11 19:26:06 2012
@@ -34,35 +34,12 @@ nearest mirror site!</a></a></h2>
 </p>
 
 <h2><a name="sig">PGP Signatures</a></h2>
-<p>All of the release distribution packages have been digitally signed
-   (using PGP or GPG) by the Apache Tomcat Group members that constructed them.
-   There will be an accompanying <SAMP><EM>distribution</EM>.asc</SAMP> file
-   in the same directory as the distribution.  The PGP keys can be found
-   at the MIT key repository and within this project's
-   <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/KEYS";>KEYS 
file</a>.
-</p>
-
-<p>Always use the signature files to verify the authenticity
-   of the distribution, <i>e.g.</i>,</p>
-
-<pre>
-% pgpk -a KEYS
-% pgpv tomcat-connectors-1.2.37-src.tar.gz.asc
-<i>or</i>,
-% pgp -ka KEYS
-% pgp tomcat-connectors-1.2.37-src.tar.gz.asc
-<i>or</i>,
-% gpg --import KEYS
-% gpg --verify tomcat-connectors-1.2.37-src.tar.gz.asc
-</pre>
-
-<p>We offer MD5 and SHA1 hashes as an alternative to validate the integrity
-   of the downloaded files. A unix program called <code>md5</code> or
-   <code>md5sum</code> is included in many unix distributions.  It is
-   also available as part of <a
-   href="http://www.gnu.org/software/textutils/textutils.html";>GNU
-   Textutils</a>.  Windows users can get binary md5 programs from <a
-   href="http://www.fourmilab.ch/md5/";>here</a>, <a
-   href="http://www.pc-tools.net/win32/freeware/console/";>here</a>, or
-   <a href="http://www.slavasoft.com/fsum/";>here</a>.
-</p>
+<p>You <strong>must</strong> verify the integrity of the downloaded files.
+   We provide OpenPGP signatures for every release file.  This signature should
+   be matched against the
+   <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/KEYS";>KEYS</a>
+   file which contains the OpenPGP keys of the Release Managers. We also
+   provide an <code>MD5</code> checksum for every release file. After you
+   download the file, you should calculate a checksum for your download, and
+   make sure it is the same as ours.
+</p>
\ No newline at end of file



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org