Hi! > about signing, recently I got a question that somebody couldn't verify > the tarball signature, because he was trying to verify the extracted > contents instead of the compressed file. > he was trying to do that, because that is how the kernel.org > <http://kernel.org> releases are signed: > https://www.kernel.org/signature.html#using-gnupg-to-verify-kernel-signatures
I far as I understood, this one verifies .tar - i.e. uncompressed, but not extracted. Am I wrong? If that's right, then it doesn't solve the issue with .zip. -- Stas Malyshev smalys...@gmail.com -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
