Hi Ceki,<br>I'm trying to push to use Slf4j and logback in our project and my company wants me to get the MD5 or SHA1 hashes or the code-signing certs to verify the integrity of downloaded files.<br> <br>Though <a href="http://repo1.maven.org">repo1.maven.org</a> site provides the hashes, we are not sure whether the war and the hash are uploaded by genuine party or not.<br>
<br>As you are the owner of the project, I request you to kindly publish the hashes or certs on website's download page.. which can be cross-checked with the downloaded war and/or also with the maven repository.<br> <br>
Kindly do the needful and oblige.<br> <br>Thanks,<br>Elisha Ebenezer.