Making PGP distribution key well-known

Petr Pisar ppisar at
Mon Mar 5 10:37:47 UTC 2012

On 2012-03-02, Kevin Fenzi <kevin at> wrote:
> On Fri, 2 Mar 2012 12:53:35 +0000 (UTC)
> Petr Pisar <ppisar at> wrote:
>> On 2012-03-01, Michal Schmidt <mschmidt at> wrote:
>> > Dne 1.3.2012 17:52, Petr Pisar napsal(a):
>> >> where to get public key for verifying RPM signatures.
>> >
>> > The keys are at:
>> >
>> And F16 primary key (A82BA4B7) is signed by... 1 guy. Awesome.
>> And ISO images propagated on Fedora web pages have signatures where?
>> I see, one must trim the URL manually and hope the web server lists
>> directory and there will be a signature.
> has a full list of them, but yes,
> they should be in the same directory.
> If you can think of a better way to present this data, do say.
Put them right next to shiny Download links. If the datails about size
are important enough, a link to signature could be there too. Like:

Download Now!
605MB, ISO format image for Intel-compatible PCs (32-bit), signature

Where the `signature' label would point to

The `Verify Download' link is six sections underneath. Even bellow
export regulations which nobody reads. To far.

-- Petr

More information about the devel mailing list