On Thu, Mar 24, 2016 at 2:34 PM, Vladimir Prus
On 03/23/2016 10:29 PM, Vladimir Prus wrote:
The SHA256 checksums are as follows:
bc8341bfb8c6621319ad9eb732179fc7ec4da35c3cefc31b613f83ec3df10361 boost_1_61_0_b1_rc2.7z c0f06c78c195af9079773a2b250674244f1899ec81e84d5455f0761f1d888a16 boost_1_61_0_b1_rc2.tar.bz2 400fa0949aa201d993bf116461365e5d44904a3f8db6412f4f40f2b4ab490405 boost_1_61_0_b1_rc2.tar.gz d75688ecad601303dda2658e9a3d06f406dd4dc8e2c13c36bdadcac0a11dcffa boost_1_61_0_b1_rc2.zip
Since there were requests that we sign releases in some way, I wanted to beta test that.
Attached is a list of checksums signed by my personal GPG key. The key can be found at:
https://pgp.mit.edu/pks/lookup?op=get&search=0xDA472E8659753BA4
or
https://vladimirprus.com/vladimir.prus.gpg
The key fingerprint is:
C5F0 F367 AA66 616F B839 806E DA47 2E86 5975 3BA4
I would appreciate if folks confirm that this information is sufficient to validate checksums.
I was able to get your key and validate that it had signed the checksums file. gpg --import vladimir.prus.gpg gpg --verify boost_1_61_0_b1_rc1.sums.asc I was then able to verify that the checksums were correct for the downloaded files. tomkent@bart:~/tmp$ sha256sum -c boost_1_61_0_b1_rc2.sums.asc boost_1_61_0_b1_rc2.7z: OK boost_1_61_0_b1_rc2.tar.bz2: OK boost_1_61_0_b1_rc2.tar.gz: OK boost_1_61_0_b1_rc2.zip: OK sha256sum: WARNING: 21 lines are improperly formatted Looks like we finally have a verified (rc) release! Thanks for getting that working. Tom