santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 49970] Releases are not being served from the ASF mirror system
Date Wed, 22 Sep 2010 10:47:23 GMT

--- Comment #4 from coheigea <> 2010-09-22 06:47:21 EDT ---

> This is not actually true, as the mirrors do have the current release.

I just added the distributions to and recently. The website hasn't been updated yet
to reflect this. I'm working on this at the moment.

> Also, there are no MD5 or SHA1 checksum files for the releases.
> AIUI at least one of these is also required for all ASF releases.

Previous releases of Santuario/XML-Security did not appear to create checksum
files. From what I can tell this is not a strict requirement...:

>> Signatures should be ASCII armored and detached.

>>Your public key should be exported and the result appended to the appropriate >>
KEYS file(s).

>>That's all you need to know to sign a release.

All of these steps have been followed for the current distribution(s).

> I thought the checksums were created when the files were put into place the
> other day. 

No, I just copied the artifacts from the Santuario dist page across. Henk
objected to the fact that there was no KEYS file and so the signatures could
not be verified, I copied the KEYS file across to fix that.

> The directory isn't group writeable, will need to wait on the PMC chair to fix.

This is done now.


Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

View raw message