On 29 December 2014 at 19:48, Bernd Eckenfels <[email protected]> wrote: > The download page of apache commons reads like there is supposed to be > a KEYS column in the table. But it is now a general link, so I would > apply the following changes, if you agree:
I think the reference to the KEYS file needs to come before the hashes. We want to encourage sig checking as the primary way to check downloads. But I agree that the text needs some TLC. > =================================================================== > --- src/main/resources/commons-xdoc-templates/download-page-head.xml > (Revision 1648413) +++ > src/main/resources/commons-xdoc-templates/download-page-head.xml > (Arbeitskopie) @@ -88,12 +88,12 @@ </form> > > <p> > - The <a href="https://www.apache.org/dist/commons/KEYS";>KEYS</a> > - link links to the code signing keys used to sign the product. > The <code>PGP</code> link downloads the OpenPGP compatible > signature from our main site. The <code>MD5</code> link > downloads the checksum from the main site. Please <a > href="http://www.apache.org/info/verification.html";>verify the > integrity</a> > - of the downloaded file. > + of the downloaded file against the public code signing > + <a href="http://www.apache.org/dist/commons/KEYS";>KEYS</a> > + used by the Apache Commons developers. > </p> > </subsection> > </section> > > (also in src/site/xdoc/download_commons-build-plugin.xml) > > This is partially based on the wording of the apache maven download > site. > > Gruss > Bernd > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
