cd ..
cd spec
+cat >download <<EOF
+You can obtain releases source code prepared tarballs on
+=> http://www.keks.cypherpunks.su/\r
+EOF
swg info >../spec.info
./mk-html
mv ../spec.info .
http://www.keks.cypherpunks.su/download/keks-${release}.tar.zst ($size KiB)
http://www.keks.cypherpunks.su/download/keks-${release}.tar.zst.sig
-OpenSSH key: SHA256:egDNCXj0/8mCSWVEc3mlB788/yM86m0C5UYitppZyc8
-cm/signed key: C8E1B383FADA392E08F8F9F6B07C2F11861F14BE6D98C008C9AB8A9185527B5F
+Signing key fingerprints:
+ OpenSSH: SHA256:egDNCXj0/8mCSWVEc3mlB788/yM86m0C5UYitppZyc8
+ cm/signed: C8E1B383FADA392E08F8F9F6B07C2F11861F14BE6D98C008C9AB8A9185527B5F
EOF
echo mutt -s \"KEKS $release release announcement\" \
keks@lists.cypherpunks.su \
You *have to* verify downloaded tarballs authenticity to be sure that
-you retrieved trusted and untampered software. Metalink4 file contains
-its OpenSSH signature, that can be verified with
+you retrieved trusted and untampered software.
+
+Metalink4 file contains its OpenSSH signature.
=> PUBKEY-SSH.pub\r
=> PUBKEY-SSH.pub.asc\r
-[cm/signed/] .sig file can be verified with
+=> https://www.openssh.com/ OpenSSH\r
+=> https://gnupg.org/ GnuPG\r
+=> https://datatracker.ietf.org/doc/html/rfc5854 Metalink4\r
+
+[cm/signed/] .sig file can be verified with:
=> PUBKEY-CM.pub\r
=> PUBKEY-CM.pub.asc\r
-=> https://www.openssh.com/ OpenSSH\r
-=> https://gnupg.org/ GnuPG\r
+ $ cat keks-$version.tar.zst.sig keks-$version.tar.zst |
+ cmsigtool -v -d 4<PUBKEY-CM.pub
+$ version=0.1.0
+$ [fetch|wget] http://www.keks.cypherpunks.su/download/keks-$version.tar.zst
+$ [fetch|wget] http://www.keks.cypherpunks.su/download/keks-$version.tar.zst.sig
+
0.1.0 | XXXX-XX-XX | XXX KiB
=> download/keks-0.1.0.tar.zst.meta4\r
=> download/keks-0.1.0.tar.zst\r