tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marc Saegesser" <marc.saeges...@apropos.com>
Subject Signing releases [was Re: question]
Date Thu, 24 May 2001 16:59:29 GMT
I've checked the Tomcat 3.2.2b5 distribution and it looks OK.

Regarding signing the releases.  Could someone describe the procedures use
by other Apache projects for signing their releases?  Tomcat 3.2.2 will
going out in the near future and I would like to have a signing mechanism in
place prior to that.

> -----Original Message-----
> From: Pier P. Fumagalli [mailto:pier@betaversion.org]
> Sent: Thursday, May 24, 2001 11:20 AM
> To: Jon Stevens; Brian Behlendorf
> Cc: committers@apache.org; tomcat-dev
> Subject: Re: question
>
>
> Jon Stevens at jon@latchkey.com wrote:
> >
> > WHAT?? I don't think that there should be .sea files there!
> >
> > .sea is a MacOS Stuffit Archive.
> >
> > Also, the .war files are == .jar files which are equal to .zip
> files. They
> > are auto "uncompressed" by the servlet engine when it starts up. So, the
> > file will probably be located in the ROOT.war.
> >
> > We really should take all of our distributions offline ASAP.
>
> Hold it hold it hold it... I made the SEA of Tomcat 3.2.1 to work with
> Apple's MRJ on MacOS 8.6-9.1... (And it works!)
>
> >> This *looks* like a false alarm.  Ask him for an md5 of the tarball he
> >> downloaded, as well as where he downloaded it from.  You guys
> might want
> >> to consider signing your releases at some point, too.
> >
> > This is a project by project thing to do. Most of the projects do it
> > correctly.
>
> Might want to enforce it from a PMC standpoint?? :)
>
>     Pier


Mime
View raw message