Author: kkolinko Date: Tue Jun 12 20:57:06 2012 New Revision: 687 Log: Align with r1348979 and set svn:eol-style=native Make verification text consistent across all components
Modified: release/tomcat/tomcat-connectors/jk/README.html (contents, props changed) Modified: release/tomcat/tomcat-connectors/jk/README.html ============================================================================== --- release/tomcat/tomcat-connectors/jk/README.html (original) +++ release/tomcat/tomcat-connectors/jk/README.html Tue Jun 12 20:57:06 2012 @@ -34,35 +34,12 @@ </p> <h2><a name="sig">PGP Signatures</a></h2> -<p>All of the release distribution packages have been digitally signed - (using PGP or GPG) by the Apache Tomcat Group members that constructed them. - There will be an accompanying <SAMP><EM>distribution</EM>.asc</SAMP> file - in the same directory as the distribution. The PGP keys can be found - at the MIT key repository and within this project's - <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/KEYS">KEYS file</a>. -</p> - -<p>Always use the signature files to verify the authenticity - of the distribution, <i>e.g.</i>,</p> - -<pre> -% pgpk -a KEYS -% pgpv tomcat-connectors-1.2.37-src.tar.gz.asc -<i>or</i>, -% pgp -ka KEYS -% pgp tomcat-connectors-1.2.37-src.tar.gz.asc -<i>or</i>, -% gpg --import KEYS -% gpg --verify tomcat-connectors-1.2.37-src.tar.gz.asc -</pre> - -<p>We offer MD5 and SHA1 hashes as an alternative to validate the integrity - of the downloaded files. A unix program called <code>md5</code> or - <code>md5sum</code> is included in many unix distributions. It is - also available as part of <a - href="http://www.gnu.org/software/textutils/textutils.html">GNU - Textutils</a>. Windows users can get binary md5 programs from <a - href="http://www.fourmilab.ch/md5/">here</a>, <a - href="http://www.pc-tools.net/win32/freeware/console/">here</a>, or - <a href="http://www.slavasoft.com/fsum/">here</a>. -</p> +<p>You <strong>must</strong> verify the integrity of the downloaded files. + We provide OpenPGP signatures for every release file. This signature should + be matched against the + <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/KEYS">KEYS</a> + file which contains the OpenPGP keys of the Release Managers. We also + provide an <code>MD5</code> checksum for every release file. After you + download the file, you should calculate a checksum for your download, and + make sure it is the same as ours. +</p> \ No newline at end of file Propchange: release/tomcat/tomcat-connectors/jk/README.html ------------------------------------------------------------------------------ svn:eol-style = native --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org