date : Thursday, 2019-03-28, at 10:30 UTC title: Verify this Release of Etsh So... If you're asking, "How do I verify this release?", the following should help answer your question.. I assume you're doing this on OpenBSD. First, download either the entire directory or the following files: SHA512*, one or both of etsh-5.4.0.tar.[gx]z depending on whether you use gzip(1) or xz(1), etsh-v6shell.pub (a copy of the signify public key for etsh (v6shell) and related projects), and readme-verify_release (this file). Then, do this (step(s) 1 and/or 2)... 1): % signify -C -p etsh-v6shell.pub -x SHA512.sig Signature Verified etsh-5.4.0.tar.gz: OK etsh-5.4.0.tar.xz: OK and you're set; otherwise, if you're not on OpenBSD, this or a variation of it with the available tools.. 2): % sha512 -C SHA512 etsh-5.4.0.tar.gz etsh-5.4.0.tar.xz (SHA512) etsh-5.4.0.tar.gz: OK (SHA512) etsh-5.4.0.tar.xz: OK will at least tell you if your downloads were successful and without corruption. I do both steps 1 and 2 myself. And... You can flip the order if you wish to do so.. That is to say: Not 1 and 2 .. But 2 and 1 .. It shouldn't matter either way .. But we can't really be sure .. Thus, I'll simply leave you with one last thought ... =) ! be safe; protect yourself & others; verify ! (= -- Cheers, Jeff