[openssl-commits] [web] master update
Rich Salz
rsalz at openssl.org
Fri Jun 17 13:46:39 UTC 2016
The branch master has been updated
via b5e01cf04697cb5914660f417864c02e5f39ade0 (commit)
from 9579941abf5a9b26da8fa05058e820a75c78de9f (commit)
- Log -----------------------------------------------------------------
commit b5e01cf04697cb5914660f417864c02e5f39ade0
Author: Rich Salz <rsalz at akamai.com>
Date: Fri Jun 17 09:46:34 2016 -0400
Tweak "check authenticity" answer.
-----------------------------------------------------------------------
Summary of changes:
docs/faq.txt | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/docs/faq.txt b/docs/faq.txt
index 3a50651..9953c23 100644
--- a/docs/faq.txt
+++ b/docs/faq.txt
@@ -162,10 +162,10 @@ so that the special release is no longer necessary.
* How do I check the authenticity of the OpenSSL distribution?
-We provide MD5 digests and ASC signatures of each tarball.
-Use MD5 to check that a tarball from a mirror site is identical:
+We provide PGP signatures and a variety of digests on each release.
+For example:
- md5sum TARBALL | awk '{print $1;}' | cmp - TARBALL.md5
+ sha1sum TARBALL | awk '{print $1;}' | cmp - TARBALL.sha1
You can check authenticity using pgp or gpg. You need the OpenSSL team
member public key used to sign it (download it from a key server, see a
More information about the openssl-commits
mailing list