tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Fogg <peter.f...@sbcglobal.net>
Subject Re: Unable to verify
Date Wed, 13 Oct 2004 05:57:24 GMT
Thanks for the response.

I'm new to this business of verifying files and I read somewhere 
recently that it is not safe to use a .md5 file from the same server 
from which I get the distribution file. The reason given was that the 
.md5 file may also have been hacked along with the distribution file. 
That's why I was going the .asc route.

Peter -

On Oct 12, 2004, at 9:14 PM, Jacob Kjome wrote:

> It verifies just fine against the .md5 file using Ant's <checksum> 
> task.
>
> Jake
>
> At 07:24 PM 10/12/2004 -0700, you wrote:
> >The following files were downloaded from the Apache Jakarta Site:
> >
> >jakarta-tomcat-5.0.28.tar.gz
> >jakarta-tomcat-5.0.28.tar.gz.asc
> >jakarta-tomcat-5.0.28.tar.gz.md5
> >
> >Attempted to verify the distribution before installing it:
> >
> >$ gpg --verify jakarta-tomcat-5.0.28.tar.gz.asc
> >jakarta-tomcat-5.0.28.tar.gz
> >gpg: Signature made Sat Aug 28 18:02:16 2004 PDT using DSA key ID
> >7C037D42
> >gpg: Can't check signature: public key not found
> >
> >$ gpg --keyserver pgpkeys.mit.edu --recv-keys 7C037D42
> >gpg: no valid OpenPGP data found.
> >gpg: Total number processed: 0
> >
> >$
> >.
> >.
> >.
> >
> >I have tried numerous keyservers with the same result. What am I doing
> >wrong?
> >
> >Peter -
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message