Page MenuHomePureOS Tracker

Missing PGP signing & filename of PureOS ISO in download page
Open, LowPublic

Description

The PureOS ISO download page at:
https://pureos.net/download.html

Show only checksums (secure checksums only [sha256|blake2] which is good)
but lack:

  1. filename information (such as: "pureos-3.0-live-amd64.hybrid.iso") of the downloaded file.
  2. PGP signing of the ISO itself or/and signing of the checksums.

a good example of downloading page (regarding to security) is from Qubes: (See 'Verify' column)
https://www.qubes-os.org/downloads/

Event Timeline

e3amn2l created this task.Jun 18 2017, 06:03
mak claimed this task.Jul 20 2018, 17:34
mak lowered the priority of this task from Normal to Low.
mak added a subscriber: mak.

Not sure what you mean with "filename information", but support for adding a GPG signature is on my todo list already.

e3amn2l added a comment.Sep 5 2018, 00:19

by filename information I mean the filename, such as: "pureos-8.0-gnome-live_20180826-amd64.hybrid.iso" which also contain useful information such as date (when iso was generated?)