Fedora 12 sha1sum
Todd Zullinger
tmz at pobox.com
Sun Nov 22 15:20:13 UTC 2009
Wolfgang S. Rupprecht wrote:
> Woudld it be possible to do the signature using SHA256 also? On one
> of the iso's I recently burned did have a checksum file with a gpg
> SHA256 signature hash. That was enough to remind me that I should
> be using the SHA256 for checksumming the iso.
Yes, that is generally a goal. The F-11 *-CHECKSUM files were signed
using a SHA-256 hash. One unfortunate effect of moving to the Sigul
signing server for F-12 is that controlling the hash used for gpg
signatures is more difficult and resulted in the default SHA-1 being
used.
However, while using SHA-256 every where is the goal, it's still good
to make people aware that the GPG Hash: header and the checksum used
for the .iso are not related at all. It seems that far too many
people make the mistaken assumption that they are. :/
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The trouble with being punctual is that nobody's there to appreciate
it.
-- Franklin P. Jones
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20091122/35bd9071/attachment-0001.sig>
More information about the fedora-list
mailing list