Package: x2goclient Version: 3.99.2.1 Dear maintainer,
you offer downloads for the x2go client, e.g. on page http://code.x2go.org/releases/binary-win32/x2goclient Unfortunately you do not provide any possibility to verify if a downloaded file is authentic, or if during transfer a virus has been added. Please, provide for each download a GPG signature and optionally SHA1 and MD5 hashs. http://maven.apache.org/download.html is a good examples except for the missing SHA1 hash. MD5 alone is not safe anymore. Best regards Heinrich Schuchardt _______________________________________________ X2Go-Dev mailing list X2Go-Dev@lists.berlios.de https://lists.berlios.de/mailman/listinfo/x2go-dev
