sha256sun
Fernando Cassia
fcassia at gmail.com
Tue Jun 16 20:21:04 UTC 2009
On Tue, Jun 16, 2009 at 5:17 PM, Todd Zullinger <tmz at pobox.com> wrote:
> Aldo Foot wrote:
> > The filename "Fedora-11-i386-CHECKSUM" is arbitrary. You can call it
> > anything you want as long as it has the contents of the GPG key
> > provided by the distro[1], just click on the checksum link and copy
> > its contents to a text file.
> >
> > [1] http://mirrors.kernel.org/fedora/releases/11/Fedora/i386/iso/
>
> At the risk of causing more confusion, I don't think that's correct.
> The contents of the GPG key are _not_ included in the *CHECKSUM files.
> The contents are the sha256sum hashes of the files in release, and
> they are signed with gpg so that you can first verify that the
> CHECKSUM file came from the Fedora Project and then feel confident
> using the file to verify the checksums of the .iso files.
Is there a sha256sum for the GPG signature of the sha256sum of the files???
Sorry, couldn´t resist. ;<VBG>
FC
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20090616/629d58d0/attachment-0001.htm>
More information about the fedora-list
mailing list