From c9e032e031b12f6e5e2de6823b1f860df2a5197b Mon Sep 17 00:00:00 2001
From: "Gary V. Vaughan" <gary@gnu.org>
Date: Fri, 3 Sep 2004 00:34:48 +0000
Subject: [PATCH] * HACKING: Explain how to verify detached signatures with gpg
 in the release announcement templates.

---
 ChangeLog |  3 +++
 HACKING   | 10 ++++++++++
 2 files changed, 13 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 92a6f8348..1bf9581b2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
 2004-09-03  Gary V. Vaughan  <gary@gnu.org>
 
+	* HACKING: Explain how to verify detached signatures with gpg in
+	the release announcement templates.
+
 	* AUTHORS: Fix typo in my address.
 
 2004-09-02  Gary V. Vaughan  <gary@gnu.org>,
diff --git a/HACKING b/HACKING
index 0df96e1e2..b4c88b868 100644
--- a/HACKING
+++ b/HACKING
@@ -223,6 +223,11 @@ Here are the gpg detached signatures:
   ftp://alpha.gnu.org/gnu/libtool/libtool-@PREV_RELEASE_VERSION_ON_THIS_BRANCH@-@VERSION@.diff.gz.sig
   ftp://alpha.gnu.org/gnu/libtool/libtool-@PREV_RELEASE_VERSION_ON_THIS_BRANCH@-@VERSION@.xdelta.sig
 
+You should download the signature named after any tarball you download,
+and then verify its integrity with, for example:
+
+  gpg --verify libtool-@VERSION.tar.gz.
+
 Here are the MD5 and SHA1 checksums:
 
   @MD5SUM@ libtool-@VERSION@.tar.gz
@@ -305,6 +310,11 @@ Here are the gpg detached signatures:
   ftp://ftp.gnu.org/gnu/libtool/libtool-@PREV_RELEASE_VERSION_ON_THIS_BRANCH@-@VERSION@.diff.gz.sig
   ftp://ftp.gnu.org/gnu/libtool/libtool-@PREV_RELEASE_VERSION_ON_THIS_BRANCH@-@VERSION@.xdelta.sig
 
+You should download the signature named after any tarball you download,
+and then verify its integrity with, for example:
+
+  gpg --verify libtool-@VERSION.tar.gz.
+
 Here are the MD5 and SHA1 checksums:
 
   @MD5SUM@ libtool-@VERSION@.tar.gz
-- 
2.47.2