[Dev] PGP keys

The Mighty Gravi themightygravi at inventati.org
Mon Oct 27 18:04:26 GMT 2014

On Sun, 26 Oct 2014 17:47:00 +0000
laigualdad <laigualdad at riseup.net> wrote:

> Would the project maintainers be interested in signing the ISOs so we can verify that we are obtaining them from who we think we are? I torrented, but this doesn't protect from the posssibilty that the torrent file itself could get compromised via a MitM attack (not sure about magnet links). Paranoid I know, but Arch has a PGP signature too, anyway. It would help me feel better at least! :)
> _______________________________________________
> Dev mailing list
> Dev at lists.parabola.nu
> https://lists.parabola.nu/mailman/listinfo/dev

Torrent iso is almost as old as this distro. (2013.09.01)

Last one's accesable via HTTP mirrors, and cointains checksum and gpg public key.

Give it a chance.

The Mighty Gravi <themightygravi at inventati.org>

More information about the Dev mailing list