: > They are there.... just not replicated or shown in mirrors? : > http://www.apache.org/dist/lucene/java/ : > : : Its pretty odd they don't go out to the mirrors - I mean, whats the : point? Users can't use them to verify anything anyway if they don't have : them. Anyone know anything about this?
It's intentional: you always want to get the hash from the authoritative source (and not a mirror) so you can actaully verify the checksum. (particularly if you don't have gpg to check the signature files). http://tomcat.apache.org/download-connectors.cgi.. "Alternatively, you can verify the MD5 signature (hash value) on the files. Make sure you get these files from the main site, rather than from a mirror. The above [MD5] links automatically retrieve the signature files from the main site." -Hoss --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
