| delorie.com/archives/browse.cgi | search |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sources.redhat.com/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Message-ID: | <000501c1fd52$a512c1a0$c23fa8c0@transarc.ibm.com> |
| From: | "Michael Young" <mwy-ltua AT the-youngs DOT org> |
| To: | <cygwin AT cygwin DOT com> |
| Subject: | PGP signatures for packages? |
| Date: | Thu, 16 May 2002 23:26:30 -0400 |
| MIME-Version: | 1.0 |
| X-Priority: | 3 |
| X-MSMail-Priority: | Normal |
| X-MimeOLE: | Produced By Microsoft MimeOLE V5.50.4522.1200 |
Are signatures available for the setup program, or for the packages it downloads? RPM uses GPG signatures, but I can't find anything comparable for the Cygwin binaries. Even just a list of hashes would be worthwhile (ideally vended from a secure Cygwin/Redhat web page) to verify that a mirror (or download) hasn't been corrupted. Real PGP signatures would be better. I can live without tool support -- I can do the verifications manually, but only if I can find the signatures :-). I saw a note back in December (http://sources.redhat.com/ml/cygwin/2001-12/msg00950.html) that touched on this, but I couldn't find any followup. Did this wither on the vine? -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |