Proposal: Implementing signing process for official tarballs (try #1)

Tom Albers toma at
Sun May 30 12:04:23 CEST 2010

On Fri, 28 May 2010 23:32:58 +0200, Dirk Mueller <mueller at> wrote:
> I'm fine with providing a signature again, but fact is that nobody
> requested 
> them again so far. Just providing the md5sums on the website was enough
> far 
> - people are mostly concerned about incomplete/wrong downloads rather
> malicious attacks. 

I'ld be in favor to reintroduce it again. Although I'm happy with a simple
setup. Signing with your personal key would be ok for me, provided we
mention that on the info page, which resides in svn.

Tom Albers
KDE Developer

More information about the release-team mailing list