-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This file contains MD5 and SHA1 checksums for the source-code tarballs
of Django security releases issued 2 September 2008.

To use this file, you will need a working install of PGP or other
compatible public-key encryption software. You will also need to have
the Django release manager's public key in your keyring; this key has
the fingerprint ``0x8C8B2AE1`` and can be imported from the MIT
keyserver. For example, if using the open-source GNU Privacy Guard
implementation of PGP::

    gpg --keyserver pgp.mit.edu --recv-key 0x8C8B2AE1

Once the key is imported, verify this file::

    gpg --verify django-security-releases-20080901.checksums.txt

Once you have verified this file, you can use normal MD5 and SHA1
checksumming applications to generate the checksums of the Django
release packages and compare them to the checksums listed below.


Release packages:
=================

Django 0.91.3: http://www.djangoproject.com/download/0.91.3/tarball/
Django 0.95.4: http://www.djangoproject.com/download/0.95.4/tarball/
Django 0.96.3: http://www.djangoproject.com/download/0.96.3/tarball/


MD5 checksums:
==============

MD5(Django-0.91.3.tar.gz)= 8bf8e24b2b8a29139740ce8ce1087665
MD5(Django-0.95.4.tar.gz)= fbb80b97fc75f512d67c5ce305ec1cfb
MD5(Django-0.96.3.tar.gz)= ee36233367d2abc5b058a3a84a4447cf


SHA1 checksums:
===============

SHA1(Django-0.91.3.tar.gz)= 0db09bc1aaf2ec19fa468239b163e133636f0ce4
SHA1(Django-0.95.4.tar.gz)= f2cc9fa1010c38f41741187775be345818997c87
SHA1(Django-0.96.3.tar.gz)= 9b6ddba5b86120bc09821874ac4edceb42052933
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iD8DBQFIvbG7NoTAwIyLKuERArdcAJoCgmIGooe8IH62DhxzxDZYVYvK4QCgr08+
yUObhv4C0B0WnV+ZGpVINbw=
=shVy
-----END PGP SIGNATURE-----