Support » Requests and Feedback » Signed versions

  • Is there any plan to offer cryptographic signatures of the distributed versions? Ideally, a PGP-signed file containing the hashes for either the unique files, but otherwise just a hash for the entire distribution would be a great way to know that WordPress is indeed pristine. This would also simplify validating that the version we update with is in fact what it claims to be – a genuine update.

    Thank you!

  • The topic ‘Signed versions’ is closed to new replies.