x/website: link to signatures on Go releases and document how to validate #38910
On https://golang.org/dl/, there are links to each Go release, along with SHA256 checksums. However, the security of those checksums is only ensured by HTTPS. I learned recently that there are also PGP signatures for each release. So to go along with:
There is also:
It would be great to document that fact on https://golang.org/dl/, along with instructions on how to validate the signature.
The text was updated successfully, but these errors were encountered: