Re: checksum files are not signed what gives?

To: Steve K <strangerland@gmail.com>
Cc: debian-cd@lists.debian.org
Subject: Re: checksum files are not signed what gives?
From: Neil Williams <codehelp@debian.org>
Date: Thu, 7 Jul 2016 09:43:36 +0200
Message-id: <[🔎] 20160707094336.08988c50@sylvester.codehelp>
In-reply-to: <[🔎] CAECx-3-P3YQfEBY7TbZcF2pYkWMhZrBpB5F1F9+tK+8C486=jg@mail.gmail.com>
References: <[🔎] CAECx-3-P3YQfEBY7TbZcF2pYkWMhZrBpB5F1F9+tK+8C486=jg@mail.gmail.com>

On Wed, 6 Jul 2016 14:33:26 -0400
Steve K <strangerland@gmail.com> wrote:

> SHA512SUMS
> <http://cdimage.debian.org/debian-cd/8.5.0/amd64/bt-dvd/SHA512SUMS>
> for instance is not signed so whats the point of SHA512SUMS.sign
> <http://cdimage.debian.org/debian-cd/8.5.0/amd64/bt-dvd/SHA512SUMS.sign>

The .sign file is the signature of the checksum file - it's called a
detached signature and GnuPG is able to verify the signature correctly.

-- 


Neil Williams
=============
http://www.linux.codehelp.co.uk/

Attachment: pgpsydXbnxcCc.pgp
Description: OpenPGP digital signature

Reply to:

References:
- checksum files are not signed what gives?
  - From: Steve K <strangerland@gmail.com>

Prev by Date: New Debian-CD mirror
Next by Date: Bug#830270: cdimage.debian.org: Provide localized versions of amd64/i386 netinst iso
Previous by thread: Re: checksum files are not signed what gives?
Next by thread: New Debian-CD mirror
Index(es):
- Date
- Thread