Wireshark-dev: Re: [Wireshark-dev] GPG signature for the downloads: 404

From: Joerg Mayer <jmayer@xxxxxxxxx>
Date: Fri, 1 Sep 2006 18:45:31 +0200
On Fri, Sep 01, 2006 at 03:30:19PM +0100, Robin Munn wrote:
> http://www.wireshark.org/download.html points to a signatures file at
> http://www.wireshark.org/download/SIGNATURES-0.99.3.txt, but that URL
> is 404-compliant. Nor could I find the signatures file anywhere in the
> http://www.wireshark.org/download/ tree.
> 
> On that subject, it would also be nice to get the gerald@xxxxxxxxxxxxx
> GPG key signed by a few other (well-known) keys, to eliminate the
> possibility of someone inserting Trojaned binaries onto the
> wireshark.org site with a corresponding self-signed but fake
> "gerald@xxxxxxxxxxxxx" GPG key to go along with them.
> 
> Thanks, BTW, for making Ethereal/Wireshark such a useful tool. There
> have been several times when it's saved me *hours* of headscratching
> over some network problem. Now it's the first thing I fire up when I
> want to troubleshoot any kind of weird network behavior. Congrats on
> making such an excellent tool!

Gerald is (mostly) offline for the next week or so. Please open a bug
for this at bugs.wireshark.org, to make sure the idea doesn't get lost.

Thanks!
         Joerg
-- 
Joerg Mayer                                           <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.