Downloads and source tarballs should be gpg signed.
I noticed you have a gpg key there on the front page and that it's been
distributed to various key servers.
Original issue reported on code.google.com by anonymou...@mailmetrash.com on 12 Nov 2011 at 2:04
Original issue reported on code.google.com by
anonymou...@mailmetrash.com
on 12 Nov 2011 at 2:04