[krbdev.mit.edu #7927] Documentation__For users

Benjamin Kaduk via RT rt-comment at krbdev.mit.edu
Fri Jun 13 14:28:49 EDT 2014


[dan_reagan at mentor.com - Thu May 29 15:52:56 2014]:

> It would be really nice if you could document how to validate the PGP
> signature associated with a particular release.
> 
> After more than an hour of searching, I've found no way to validate
> the release provided.
> 
> I also note after searching the 'net that there are many others having
> the same problems.

The page http://web.mit.edu/kerberos/krb5-latest/doc/build/index.html discusses the 
structure of the distribution tarball, and mentions that a PGP signature file is included.

The subject of this ticket mentions the "For users" document, though -- would you have been 
helped (even partially) by a link to the "Building Kerberos V5" document from the "For users" 
document?

Is the core issue that there is no documentation for how to actually verify the PGP signature on 
the tar file, as "MIT highly recommends that you [do]"?


More information about the krb5-bugs mailing list