climate-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sebb (JIRA)" <>
Subject [jira] [Updated] (CLIMATE-951) Download pages must use HTTPS for sigs, hashes, KEYS
Date Tue, 24 Apr 2018 08:22:00 GMT


Sebb updated CLIMATE-951:

> Download pages must use HTTPS for sigs, hashes, KEYS
> ----------------------------------------------------
>                 Key: CLIMATE-951
>                 URL:
>             Project: Apache Open Climate Workbench
>          Issue Type: Bug
>         Environment:
>            Reporter: Sebb
>            Priority: Major
> The download page is generally fine.
> However the links to the KEYS, sigs (PGP) and hashes use http; ideally they should use
> Also the gpg command should read:
> gpg --verify <artifact>.asc <artifact>
> i.e. both the detached sig and the artifact itself should be specified.
> See:
> Further, this sentence links to the same archives twice:
> "If you are looking for previous releases of Apache OCW, have a look in the Apache Archives,
or alternatively for even older releases check out the Apache archives."
> Did you mean the second link to reference the incubator archives at

This message was sent by Atlassian JIRA

View raw message