README.md
<h1>Apache Turbine Project</h1>

<p>This is the released files section of the Turbine project. It offers both binary and source distributions.</p>

<!--
<p>If you feel like living on the edge, you can check out our nightly builds <a href="http://cvs.apache.org/dist/jakarta/turbine/">here</a>.
-->

<p><font color="red" size="+2">Note:</font>
The tar files in the distribution use GNU tar extensions
and must be untarred with a GNU compatible version of tar. The version
of tar on Solaris and Mac OS X will not work with these files</p>

<p>Please visit the <a href="http://turbine.apache.org/">Turbine website</a> for more information.</p>

<p>This site contains only the latest releases. You can download older releases from our <a href="http://archive.apache.org/dist/turbine/">archive site</a>.</p>

<a name="sig"><h2>Signatures</h2></a>

<p>All of the files have been digitally signed using GnuPG. If so,
there will be an accompanying <samp><em>file</em>.asc</samp> signature
file in the same directory as the file (binaries/ or source/). The
signing keys can be found in the distribution directory at &lt;<a
HREF="http://www.apache.org/dist/turbine/KEYS"><samp>http://www.apache.org/dist/turbine/KEYS</samp></a>&gt;.</p>

<p><b>Always download the KEYS file directly from the Apache site, never from a mirror site.</b></p>


<pre>Always test available signatures, <i>e.g.</i>,
$ pgpk -a KEYS
$ pgpv turbine-2.3.3.tar.gz.asc
or,
$ pgp -ka KEYS
$ pgp turbine-2.3.3.tar.gz.asc
or,
$ gpg --import KEYS
$ gpg --verify turbine-2.3.3.tar.gz.asc
</pre>
<p>

<a name="sig"><h2>Checksums</h2></a>

<p>Newer releases follow <a href="https://www.apache.org/dev/release-distribution#sigs-and-sums">this new policy</a>. As a result there will be at least one accompanying <samp><em>file</em>.sha1</samp>, <samp><em>file</em>.sha256</samp> or <samp><em>file</em>.sha512</samp> checksum file in the same directory as the file (binaries/ or source/).</p>