You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@myfaces.apache.org by lo...@apache.org on 2017/12/13 15:08:49 UTC
svn commit: r1818032 - /myfaces/site/publish/tobago/download.html
Author: lofwyr
Date: Wed Dec 13 15:08:49 2017
New Revision: 1818032
URL: http://svn.apache.org/viewvc?rev=1818032&view=rev
Log:
updating site
Modified:
myfaces/site/publish/tobago/download.html
Modified: myfaces/site/publish/tobago/download.html
URL: http://svn.apache.org/viewvc/myfaces/site/publish/tobago/download.html?rev=1818032&r1=1818031&r2=1818032&view=diff
==============================================================================
--- myfaces/site/publish/tobago/download.html (original)
+++ myfaces/site/publish/tobago/download.html Wed Dec 13 15:08:49 2017
@@ -675,17 +675,28 @@
<h2><a name="Verifying_signatures"></a>Verifying signatures</h2>
<p>PGP verification ensures that the file came from a certain person. We recommend you verify your downloads
with PGP.</p>
- <p>The PGP signatures can be verified using <a class="externalLink" href="https://www.openpgp.org/">OpenPGP</a>
- or <a class="externalLink" href="https://www.gnupg.org/">GPG</a>. First download the Apache MyFaces <a
- class="externalLink" href="https://www.apache.org/dist/myfaces/KEYS">KEYS</a> as well as the <tt>asc</tt>
- signature file for the particular distribution. It is important that you get these files from the ultimate
- trusted source - the main ASF distribution site, rather than from a mirror. Then verify the signatures using
- ...</p>
- <p><tt> % pgpk -a KEYS % pgpv myfaces-tobago-<version>-dist.tar.gz.asc </tt></p>
+ <p>First download the Apache MyFaces <a class="externalLink" href="https://www.apache.org/dist/myfaces/KEYS">KEYS</a>
+ as well as the <tt>asc</tt> signature file for the particular distribution. It is important that you get these
+ files from the ultimate trusted source - the main ASF distribution site, rather than from a mirror.</p>
+ <p>You need an installation of e. g. OpenPGP or GPG to check the files. More information you'll find on the
+ Apache <a class="externalLink" href="https://www.apache.org/info/verification.html#CheckingSignatures">verification</a>
+ site.</p>
+ <p>Then verify the signatures using ...</p>
+ <div class="source">
+<pre>$ pgpk -a KEYS
+$ pgpv myfaces-tobago-<version>-dist.tar.gz.asc</pre>
+ </div>
<p><i>or</i></p>
- <p><tt> % pgp -ka KEYS % pgp myfaces-tobago-<version>-dist.tar.gz.asc </tt></p>
+ <div class="source">
+<pre>$ pgp -ka KEYS
+$ pgp myfaces-tobago-<version>-dist.tar.gz.asc</pre>
+ </div>
<p><i>or</i></p>
- <p><tt> % gpg --import KEYS % gpg --verify myfaces-tobago-<version>-dist.tar.gz.asc </tt></p></div>
+ <div class="source">
+<pre>$ gpg --import KEYS
+$ gpg --verify myfaces-tobago-<version>-dist.tar.gz.asc</pre>
+ </div>
+ </div>
</div>
</div>
<div class="clear"></div>