[openssl-commits] [web] master update

Rich Salz rsalz at openssl.org
Fri Jun 17 13:46:39 UTC 2016

The branch master has been updated
       via  b5e01cf04697cb5914660f417864c02e5f39ade0 (commit)
      from  9579941abf5a9b26da8fa05058e820a75c78de9f (commit)

- Log -----------------------------------------------------------------
commit b5e01cf04697cb5914660f417864c02e5f39ade0
Author: Rich Salz <rsalz at akamai.com>
Date:   Fri Jun 17 09:46:34 2016 -0400

    Tweak "check authenticity" answer.


Summary of changes:
 docs/faq.txt | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/faq.txt b/docs/faq.txt
index 3a50651..9953c23 100644
--- a/docs/faq.txt
+++ b/docs/faq.txt
@@ -162,10 +162,10 @@ so that the special release is no longer necessary.
 * How do I check the authenticity of the OpenSSL distribution?
-We provide MD5 digests and ASC signatures of each tarball.
-Use MD5 to check that a tarball from a mirror site is identical:
+We provide PGP signatures and a variety of digests on each release.
+For example:
-   md5sum TARBALL | awk '{print $1;}' | cmp - TARBALL.md5
+   sha1sum TARBALL | awk '{print $1;}' | cmp - TARBALL.sha1
 You can check authenticity using pgp or gpg. You need the OpenSSL team
 member public key used to sign it (download it from a key server, see a

More information about the openssl-commits mailing list