
distribution verification
Closed, ResolvedPublic

Description

Release: Don't know

Environment

Not relevant, but FreeBSD 3.4 -- GPG built cleanly and without
incident. The problem is that I have not been able to verify
the distribution.

Description

> > I quote from the README included in gnupg-1.4.1.tar.gz:
> >
> > b) If you don't have any of the above programs, you have to verify
> > the SHA1 checksum:
> >
> > $ sha1sum gnupg-x.y.z.tar.gz
> >
> > This should yield an output _similar_ to this:
> >
> > fd9351b26b3189c1d577f0970f9dcadc1234abcd gnupg-x.y.z.tar.gz
> >
> > Now check that this checksum is _exactly_ the same as the one
> > published via the announcement list and probably via Usenet.
> >
> > I can understand hoping to verify the file using GPG. But I never
> > heard of sha1sum and a search at www.gnu.org couldn't find it
> > either. What's the matter with providing MD5 checksums? Perhaps
> > not as good as your choices (although I have no way of knowing
> > that) but certainly better than not verifying it at all, eh?
> >
> > Come to that, what's wrong with using PGP to verify it?
> >
> > If the objective is to make it as difficult as possible for those

How To Repeat

Read the README included in gnupg-1.4.1.tar.gz

Fix

Provide MD5 and/or PGP means of verification for those of
us who don't have GPG yet and who don't have and can't find
sha1sum whatever the hell that is.

Event Timeline

werner added a subscriber: werner.

sha1sum is part of the GNU coreutils and I am pretty sure
that it is available on *BSD too. Maybe not by default.
sha1sum is similar to md5sum but uses the SHA-1 hash
algorithm. MD5 is to be considered broken for many purposes
and thus we don't use it anymore. BTW:
ftp://ftp.gnupg.org/gcrypt/binary/sha1sum.c is a simple but
sufficient implementation.

werner removed a project: Restricted Project.
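Added here as a worked example; it is not part of the README quoted in the report, nor of werner's reply, nor GnuPG project code. It carries out README step (b) the way a practitioner would: compute the tarball's SHA-1 with whichever tool the system actually has (GNU coreutils sha1sum, the Perl shasum shipped with BSD and macOS, or openssl, so it also works where sha1sum is not installed by default, as werner notes for *BSD) and compare the result exactly, after normalizing case and stripping whitespace, against the checksum copied from the announcement. The function names sha1_of, verify_sha1 and demo are my own; the sample input is a constructed stand-in file containing the string "abc", whose SHA-1 is the standard test vector a9993e364706816aba3e25717850c26c9cd0d89d rather than any real GnuPG tarball.

```shell
#!/bin/sh
# Added example (not from the GnuPG README or this bug report): verify a
# downloaded tarball against a SHA-1 checksum published out-of-band,
# without assuming GNU sha1sum is installed.

# Print the SHA-1 of a file as 40 lowercase hex digits, using whichever
# tool is available: GNU coreutils sha1sum, Perl shasum (BSD/macOS),
# or OpenSSL (whose output is "SHA1(file)= hash", hence the last field).
sha1_of() {
    f="$1"
    if command -v sha1sum >/dev/null 2>&1; then
        sha1sum "$f" | awk '{print $1}'
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 1 "$f" | awk '{print $1}'
    elif command -v openssl >/dev/null 2>&1; then
        openssl dgst -sha1 "$f" | awk '{print $NF}'
    else
        echo "no SHA-1 tool found (need sha1sum, shasum or openssl)" >&2
        return 2
    fi
}

# Compare the file's digest with the checksum taken from the announcement.
# Returns 0 only on an exact match after lowering case and dropping stray
# whitespace; a malformed published value returns 2, a mismatch returns 1.
verify_sha1() {
    f="$1"
    published="$(printf '%s' "$2" | tr 'A-F' 'a-f' | tr -d '[:space:]')"
    case "$published" in
        *[!0-9a-f]*|"") echo "published checksum is not hex" >&2; return 2 ;;
    esac
    if [ "${#published}" -ne 40 ]; then
        echo "published checksum is not 40 hex digits" >&2
        return 2
    fi
    actual="$(sha1_of "$f")" || return 2
    if [ "$actual" = "$published" ]; then
        echo "OK: $f matches the published SHA-1"
        return 0
    fi
    echo "MISMATCH: $f" >&2
    echo "  computed:  $actual" >&2
    echo "  published: $published" >&2
    return 1
}

# Demo on a constructed stand-in for the tarball: a file holding "abc",
# whose SHA-1 is the well-known test vector. Succeeds only if the true
# checksum is accepted and a value with one flipped hex digit is rejected.
demo() {
    tmp="$(mktemp "${TMPDIR:-/tmp}/sha1demo.XXXXXX")"
    printf 'abc' > "$tmp"
    if verify_sha1 "$tmp" a9993e364706816aba3e25717850c26c9cd0d89d; then good=0; else good=$?; fi
    if verify_sha1 "$tmp" a9993e364706816aba3e25717850c26c9cd0d89e 2>/dev/null; then bad=0; else bad=$?; fi
    rm -f "$tmp"
    [ "$good" -eq 0 ] && [ "$bad" -eq 1 ]
}

demo
```

The published value must come from a channel other than the download itself (the announcement list the README names); a checksum file sitting next to the tarball on the same mirror is replaced as easily as the tarball. A mismatch means the download is not the released file and should be discarded, never edited around. This checks integrity against the announcement only; it does not replace the signature check the README offers to those who already have a working GnuPG.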