SHA1 and 256 (again) :)

Rahul Sundaram sundaram at
Wed Nov 18 22:29:59 UTC 2009

On 11/19/2009 03:43 AM, Adam Williamson wrote:
> On Thu, 2009-11-19 at 02:26 +0530, Rahul Sundaram wrote:
>> On 11/19/2009 02:20 AM, Scott Robbins wrote:
>>> On Wed, Nov 18, 2009 at 12:30:37AM -0500, Scott Robbins wrote:
>>> As suspect, there's already posts on the forums about this.  (Smugly
>>> mutters, "told ya so".  :)
>>> Seriously, someone pointed out that some docmentation, the docs for
>>> burning CD's seem to indicate that one should use sha1.   
>>> That should probably get fixed--I'm not sure if I have write access, and
>>> I don't have a Windows machine to test the instructions, so someone?
>> Refer to
>> Note that changing HASH: SHA1 to anything else in the top of the file
>> will make the gpg check fail since it writes it out that way. So it's
>> sort of a tricky issue to solve. Not sloppiness.
> To be clear, I think the documentation page that Scott linked talks
> about SHA-1 not because someone misread the checksum file but simply
> because it's _old_. It was written at a time when the checksums actually
> where SHA-1. Note the reference to Fedora 7.
> I think the above page needs to be updated to refer to SHA-256
> checksums. Also, both it and might
> benefit from explicitly mentioning the potential confusion between the
> signature algorithm and the checksum algorithm, until F13 is current.

As you can read from the link to fedora-websites list, updating that
documentation requires a Windows utility we can trust on.


More information about the fedora-test-list mailing list