You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by Graham Chapman <gr...@patia.com> on 2002/08/20 10:06:11 UTC

Releases not being signed any more?

I see that Tomcat binary releases after 3.3.1 do not have accompanying 
digital signatures from the developers. I have scoured the mailing list 
archives and FAQ's and I can't see where the signatures have been moved or 
why they are not there. Are they there where I haven't looked, or has the 
release signing procedure been discontinued?

I am interested because of the recent spate of FTP server hacking - OpenSSH 
just the other week. I have to be careful of what I install on my 
employer's network, and Tomcat is not a good place to have a trojan inserted.

Thanks for the excellent software.

Graham
-----
Graham Chapman
Email	: grahamc@patia.com
Web	: http://patia.com/grahamc


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>