[ https://issues.apache.org/jira/browse/HBASE-9690?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sean Busbey resolved HBASE-9690. -------------------------------- Resolution: Information Provided Closing this as "information provided" because the earlier comment that checksums / signatures should be downloaded directly from www.apache.org/dist/hbase is correct. > HBase Mirrors are missing md5 and sha1 checksums for tarballs > ------------------------------------------------------------- > > Key: HBASE-9690 > URL: https://issues.apache.org/jira/browse/HBASE-9690 > Project: HBase > Issue Type: Improvement > Affects Versions: 0.94.12 > Reporter: André Kelpe > > Currently there is no way to verify the integrity of release tarballs. Please > provide md5, sha1 and gpg signatures, so that users can be sure, that they > have the correct tarball. > Many open source projects provide the above and hbase would benefit from that > as well. > This looks like the right solution for the problem: > http://nicoulaj.github.io/checksum-maven-plugin/examples/generating-project-artifacts-checksums.html -- This message was sent by Atlassian JIRA (v6.3.4#6332)