From e6e1f4cb5e37f77fe61ff568dd2904f21ec5b82c Mon Sep 17 00:00:00 2001
From: "Mark J. Cox" <mark@openssl.org>
Date: Tue, 30 Nov 2004 14:34:16 +0000
Subject: Mention that the keys likely to have signed the distribution are now
 listed on the web site for easy finding and downloading

---
 FAQ | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'FAQ')

diff --git a/FAQ b/FAQ
index 463bc1e139..fd354b3b40 100644
--- a/FAQ
+++ b/FAQ
@@ -152,7 +152,8 @@ Use MD5 to check that a tarball from a mirror site is identical:
    md5sum TARBALL | awk '{print $1;}' | cmp - TARBALL.md5
 
 You can check authenticity using pgp or gpg. You need the OpenSSL team
-member public key used to sign it (download it from a key server). Then
+member public key used to sign it (download it from a key server, see a
+list of keys at <URL: http://www.openssl.org/about/>). Then
 just do:
 
    pgp TARBALL.asc
-- 
cgit v1.2.3