id summary reporter owner description type status priority milestone component resolution keywords cc parents 787 Instructions should include a recommendation that users check signatures anongoblin "On http://mediagoblin.readthedocs.org/en/v0.5.1/siteadmin/deploying.html , the instructions for deploying mediagoblin itself are: {{{ git clone git://gitorious.org/mediagoblin/mediagoblin.git cd mediagoblin git submodule init && git submodule update }}} It would probably be a good idea to recommend that users make sure that they're getting the real mediagoblin code, and not a trojan or something. One part of doing that would be to point them at the https URL (see #786), but since tags are signed, it might be a good idea to include instructions for checking signed tags too." defect closed major 1.0 documentation fixed Alex Jordan