Apache Tuscany > Home > SCA Overview > SCA Java 2.x > SCA Java 2.x Releases > SCA Java 2.0-M2 | User List | Dev List | Issue Tracker |
SCA Java 2.0-M2 (April 2009)For full detail about the release please see the RELEASE_NOTES and CHANGES files. Windows
Linux / Mac OS X / Unix
Verifying the downloadsTo ensure the integrity of the release artifacts they are digitally signed. You can find more information about the way that we sign releases here. To verify the integrity of the downloaded files you must use signatures downloaded from our main distribution directory not from the distribution mirrors. MD5 checksums can be verified simply by regenerating the checksum and comparing it against the checksum (the md5 file) supplied with the release. There are various utilities that can be used to generate the checksum, for example openssl md5 apache-tuscany-sca-all-2.0-M2.tar.gz or md5sum apache-tuscany-sca-all-2.0-M2.tar.gz PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the relevant distribution. Make sure you get these files from our main distribution directory, rather than from a mirror. Then verify the signatures using, for example pgpk -a KEYS pgpv apache-tuscany-sca-all-2.0-M2.tar.gz.asc or pgp -ka KEYS pgp apache-tuscany-sca-all-2.0-M2.tar.gz.asc or
gpg --import KEYS
gpg --verify apache-tuscany-sca-all-2.0-M2.tar.gz.asc
|