Kenneth Porter wrote:
--On Tuesday, June 14, 2005 12:12 AM +0530 Rahul Sundaram <sundaram redhat com> wrote:I dont think using sha1sum or accomodating that change is a risky process at all. The tools are well established and the methods are well documented.
If we are talking about risks, note that sha1sum is potentially *less* riskier than md5sum. Fedora is anything but conservative though
The algorithm itself is less risky. Changing the release process to use it is more risky. Fedora users get to test the process change.