[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Should OpenBSD sign its releases?

To: Tim Freeman <tim@fungible.com>
Subject: Re: Should OpenBSD sign its releases?
From: Artur Grabowski <art@blahonga.org>
Date: 03 Jun 2004 03:38:06 +0200
Cc: tech@openbsd.org
References: <200406021415.i52EFUNT023576@lobus.fungible.com>
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2

Tim Freeman <tim@fungible.com> writes:

> I had hoped to find a cryptographic signature on the MD5 checksums at
> 
>    ftp://mirror.cs.wisc.edu/pub/mirrors/OpenBSD/3.5/i386/MD5
> 
> but no such luck.  Without these signatures, it's conceivable that
> someone corrupted the archive and updated the MD5's to match.  Is
> there a reason not to sign OpenBSD releases?

Here is a signature for that file. Have fun.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (OpenBSD)

iD8DBQFAvn57xak/gpXyHMwRApNfAJ0Up65kHxMG3lMxGYI1OEeHp3JCEQCgr+9K
Rib5rwkR//gZJwEHG6+iw3c=
=NvDh
-----END PGP SIGNATURE-----

//art

References:
- Should OpenBSD sign its releases?
  - From: Tim Freeman <tim@fungible.com>

Prev by Date: Re: OpenBSD Based Wireless Node
Next by Date: No Subject
Prev by thread: Should OpenBSD sign its releases?
Next by thread: Re: Should OpenBSD sign its releases?
Index(es):
- Date
- Thread