climate-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lewis John McGibbney (JIRA)" <>
Subject [jira] [Commented] (CLIMATE-951) Download pages must use HTTPS for sigs, hashes, KEYS
Date Wed, 02 May 2018 18:38:00 GMT


Lewis John McGibbney commented on CLIMATE-951:

Done, thanks,

> Download pages must use HTTPS for sigs, hashes, KEYS
> ----------------------------------------------------
>                 Key: CLIMATE-951
>                 URL:
>             Project: Apache Open Climate Workbench
>          Issue Type: Bug
>    Affects Versions: 1.3.0
>         Environment:
>            Reporter: Sebb
>            Assignee: Lewis John McGibbney
>            Priority: Major
>             Fix For: 1.4.0
> The download page is generally fine.
> However the links to the KEYS, sigs (PGP) and hashes use http; ideally they should use
> Also the gpg command should read:
> gpg --verify <artifact>.asc <artifact>
> i.e. both the detached sig and the artifact itself should be specified.
> See:
> Further, this sentence links to the same archives twice:
> "If you are looking for previous releases of Apache OCW, have a look in the Apache Archives,
or alternatively for even older releases check out the Apache archives."
> Did you mean the second link to reference the incubator archives at

This message was sent by Atlassian JIRA

View raw message