2003-05-15 Marcus Brinkmann <marcus@g10code.de>

	* Initial check-in.

1 files changed, 61 insertions, 0 deletions

diff --git a/README b/README
new file mode 100644
index 0000000..734c2d8
--- /dev/null
+++ b/README
@@ -0,0 +1,61 @@
+libgpg-error
+============
+
+This is a library that defines common error values for all GnuPG
+components.  Among these are GPG, GPGSM, GPGME, GPG-Agent, libgcrypt,
+pinentry, SmartCard Daemon and possibly more in the future.
+
+See the file COPYING for copyright and warranty information.
+
+Installation
+------------
+
+Please read the file INSTALL!
+
+Here is a quick summary:
+
+1) Check that you have unmodified sources. The below on how to do
+   this.  Don't skip it - this is an important step!
+
+2) Unpack the TAR.  With GNU tar you can do it this way:
+   "tar xzvf libgpg-error-x.y.z.tar.gz"
+
+3) "cd libgpg-error-x.y.z"
+
+4) "./configure"
+
+5) "make"
+
+6) "make install"
+
+
+How to Verify the Source
+------------------------
+
+In order to check that the version of libgpg-error which you are going
+to install is an original and unmodified one, you can do it in one of
+the following ways:
+
+a) If you already have a trusted Version of GnuPG installed, you can
+simply check the supplied signature:
+
+$ gpg --verify libgpg-error-x.y.z.tar.gz.sig
+
+This checks that the detached signature libgpg-error-x.y.z.tar.gz.sig
+is indeed a a signature of libgpg-error-x.y.z.tar.gz.
+
+Please note, that you have to use an old version of GnuPG to do all
+this stuff.  *Never* use the version which you are going to check!
+
+
+b) If you don't have any of the above programs, you have to verify the
+MD5 checksum:
+
+$ md5sum libgpg-error-x.y.z.tar.gz
+
+This should yield an output _similar_ to this:
+
+fd9351b26b3189c1d577f0970f9dcadc  libgpg-error-x.y.z.tar.gz
+
+Now check that this checksum is _exactly_ the same as the one
+published via the announcement list and probably via Usenet.