Just downloaded 4.8.0 from one of your mirror sites listed at [http://gcc.gnu.org/mirrors.html] and would like to verify the file with GPG.
Your site says "The archives there will be signed by one of the following GnuPG keys...", but I see no .sig/.asc file on the mirror sites (or in the package itself), so how am I supposed to verify the file, exactly? -Scott
