View Issue Details

IDProjectCategoryView StatusLast Update
0004944CentOS-6Otherpublic2011-07-10 19:29
Status newResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0004944: Website does not show how to use GPG key to verify Checksum files
DescriptionThe website for how to burn an ISO doesn't show all the steps required to successfully verify the authenticity of the ISO:

The Checksum .ASC file signatures should be verified by the published release GPG key.

The Fedora Project lists these steps:

Additionally, the GPG key should really by published with some additional trust method. One method to do this is to make the GPG key available via the SSL version of
TagsNo tags attached.




2011-07-10 19:27

reporter   ~0012925

Sorry for the old link. C5 has this as well:

Really what should be done is creating a release-agnostic page showing how to verify and burn any CentOS release.


2011-07-10 19:29

reporter   ~0012926

Ah, I see there is a version-generic FAQ page. This could be updated:

Issue History

Date Modified Username Field Change
2011-07-10 18:49 jroysdon New Issue
2011-07-10 19:27 jroysdon Note Added: 0012925
2011-07-10 19:29 jroysdon Note Added: 0012926