Meeting Log - 2008-12-01
Jesse Keating
jkeating at redhat.com
Sat Dec 6 18:13:54 UTC 2008
On Tue, 2008-12-02 at 16:55 -0500, Máirín Duffy wrote:
> But do they do this? I certainly don't. Who's to say if someone
> compromised the ISO downloads that the SHA1SUM files were also not
> compromised?
The SHA1SUM files are gpg signed with the same key that the rpms
themselves are signed with.
--
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca: http://identi.ca/jkeating
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-websites-list/attachments/20081206/c7286758/attachment.sig>
More information about the Fedora-websites-list
mailing list