Dear All,

I am new to this forum, I am interested in using ClamWin, but have the following question: can all the downloaded files e.g. binaries and source are they protected by either a digital signature or really strong cryptographic hash - so that I know I am downloading the file from the mirros as the authors intended the files to be - i.e. un-modified? If not, can I suggest that they are.

Or is there any way I can check the file authenticity and integrity after downloading from the mirrors?

Thank you in advance.

Fred

(PS I did a quick search and found no references to signatures, hash etc, except for the virus databases.)

there is a gpg signature attached to each release:

https://sourceforge.net/project/showfiles.php?group_id=105508

the public key is here:
https://prdownloads.sourceforge.net/clamwin/ClamWin-SW-GPG-Key.asc?download