[GRASS5] GRASS 5.0.2 released
Bernhard Reiter
bernhard at intevation.de
Fri Apr 11 10:45:51 EDT 2003
On Fri, Apr 11, 2003 at 04:17:59PM +0200, Markus Neteler wrote:
> On Fri, Apr 11, 2003 at 03:01:56PM +0200, Bernhard Reiter wrote:
> > Also we should start adding more checksums and gpg signatures on
> > released tarballs. This would make later integrity checks possible
> > and be proactive against trojaned tarballs.
>
> Sounds good. But I need detailed instructions how to do that...
md5sum calculates checksums, just include the result in a readme.
As for gpg you need to have a keypair for yourself.
The mini Howtos should cover the basic steps.
http://www.gnupg.org/documentation/index.html
Hints: Make sure you have a gnupg version >=1.0.7.
After doing this, just a
gpg --detach-sign filename
will create a detached signature that you can distribute
as "filename.sig" along with the tarball.
Compare to how other project do it:
http://lists.gnupg.org/pipermail/gnupg-announce/2002q4/000255.html
ftp://ftp.gnupg.org/GnuPG/binary
http://lists.gnupg.org/pipermail/gnupg-announce/2003q1/000266.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.osgeo.org/pipermail/grass-dev/attachments/20030411/79e536ef/attachment.bin
More information about the grass-dev
mailing list