Update some URLs & expand on PGP keys

diff --git a/templates/web/mirrors.xsl b/templates/web/mirrors.xsl
index 29f6313676285b2b2fa7193446bd17212cee6b0d..f1a7d876e15a8754e352e5208afdbcaa4081fb47 100644 (file)
--- a/templates/web/mirrors.xsl
+++ b/templates/web/mirrors.xsl
@@ -32,11 +32,11 @@
                                        <a href="https://wiki.exim.org/ObtainingExim">Exim Wiki.</a>
 
                                        <xsl:text>If the mirrors do not work for you, you can download the tarballs from the </xsl:text>
                                        <a href="https://wiki.exim.org/ObtainingExim">Exim Wiki.</a>
 
                                        <xsl:text>If the mirrors do not work for you, you can download the tarballs from the </xsl:text>

-                                       <a href="https://ftp.exim.org/pub/exim/exim4/">origin.</a>.
+                                       <a href="https://downloads.exim.org/exim4/">origin.</a>.

 
                                        <xsl:text>If we published maintenance releases you can find the tarballs
                                        in the </xsl:text>
 
                                        <xsl:text>If we published maintenance releases you can find the tarballs
                                        in the </xsl:text>

-                                       <a href="https://ftp.exim.org/pub/exim/exim4/fixes">fixes</a><xsl:text> directory</xsl:text>
+                                       <a href="https://downloads.exim.org/exim4/fixes/">fixes</a><xsl:text> directory</xsl:text>

                                </p>
 
             <h3>Exim Mirror Sites</h3>
                                </p>
 
             <h3>Exim Mirror Sites</h3>


@@ -53,9 +53,17 @@
 
            <h3>Verification of Downloads</h3>
 
 
            <h3>Verification of Downloads</h3>
 

-           All published tarballs are signed. The signatures are created with keys belonging to the developers. They keys
-           can be found in our <a href="https://downloads.exim.org/Exim-Maintainers-Keyring.asc">maintainers keyring</a>.
+           <p>
+           All published tarballs are cryptographically signed with an OpenPGP implementation (such as GnuPG).
+           The signatures are distributed alongside the tarballs.
+           The signatures are created with keys belonging to the developers.
+           The keys can be found in our
+           <a href="https://downloads.exim.org/Exim-Maintainers-Keyring.asc">maintainers keyring</a>.

            (Please crosscheck these keys with keys you can find at other sources.)
            (Please crosscheck these keys with keys you can find at other sources.)

+           </p>
+           <p>
+           The exim.org domain supports <a href="https://wiki.gnupg.org/WKD">the WKD mechanism</a> for OpenPGP key retrieval.
+           </p>

 
             <h3>Mirroring Exim</h3>
 
 
             <h3>Mirroring Exim</h3>
 


@@ -66,8 +74,9 @@
 
            <p>If you prefer tracking our commits to the source tree directly via Git:
            <ul>
 
            <p>If you prefer tracking our commits to the source tree directly via Git:
            <ul>

-               <li> Main Git Repository: <code>git://git.exim.org/exim.git</code></li>
-               <li> Mirror at GitHub <a href="https://github.com/Exim/exim.git">https://github.com/Exim/exim.git</a></li>
+               <li>Main Git Repository: <code>git://git.exim.org/exim.git</code></li>
+               <li>Web interface: <a href="https://git.exim.org/exim.git">https://git.exim.org/exim.git</a></li>
+               <li>Mirror at GitHub <a href="https://github.com/Exim/exim.git">https://github.com/Exim/exim.git</a></li>

            </ul>
            All releases get a signed Git tag.
            </p>
            </ul>
            All releases get a signed Git tag.
            </p>