commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Adrian Sutton" <>
Subject RE: httpclient md5 and asc files
Date Thu, 17 Jun 2004 20:46:01 GMT
>I suppose "verifiability" is a pipe dream.  Even if 2.0 were signed, I
>know you or any of the would-be signers of HttpClient or other Apache
>products anyway.  Heck, how do I know mighty isn't
hosted in

Just for the record, infrastructure seems to be working on setting up a
certificate authority server and I imagine having a verifiable chain of
trust down to the person signing releases is one of the things that will
be used for.  I have no idea what the timeline is for implementing that


Adrian Sutton.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message