[MRM-1297] Website download page does not provide link to KEYS file - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: Documentation
Labels:
None
Environment:
http://archiva.apache.org/download.html

Description

The page http://archiva.apache.org/download.html does not include a link to the KEYS file, which should be located in:

http://www.apache.org/dist/archiva/

This means that it is all but impossible to verify any downloads, for example, for apache-archiva-1.2.2-docs.zip I get:

gpg: Signature made 08/27/09 10:50:31 GMT Daylight Time using DSA key ID C625BAFB
gpg: Can't check signature: No public key

The key is at least available from the MIT server, but anyone can upload keys there.

Attachments

Activity

People

Assignee:: Wendy Smoak

Reporter:: Sebb

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 08/Dec/09 11:09

Updated:: 07/Apr/15 18:54

Resolved:: 30/Dec/09 14:41