#237: tests to verify that torrents and mirrors contain signed checksum files
-----------------------+----------------------------------------------------
Reporter: robatino | Owner:
Type: task | Status: new
Priority: major | Milestone:
Component: Wiki | Version:
Resolution: | Keywords:
-----------------------+----------------------------------------------------
Comment (by robatino):
Replying to [comment:6 adamwill]:
What's the status here, Andre?
No change as far as I know.
[
https://fedoraproject.org/wiki/Release_Engineering_Release_Tickets] is
the same. We didn't have any problems with 16 Final, but that was just
because of the recent attention due to these tickets, not any process
change.
Are you stuck waiting on releng? Anything I can do to help move this
along? Is
https://fedorahosted.org/rel-eng/ticket/4986 relevant to this
issue too?
That ticket would greatly help making these kinds of mistakes less likely,
but I still think QA should be able to test _everything_ before release,
including checksum and torrent files, not just ISOs, as it's doing now.
There's another issue which I brought up in
[
https://bugzilla.redhat.com/show_bug.cgi?id=727387] which is that I think
it would be a good idea for the checksum files to include file sizes in
bytes, as comments. The original motivation is that most of our ISOs are
hybrid now, so if you burn it to media you can't read it off and verify
the checksum without knowing independently what the file size is (since
you can't trust the ISO header anymore). Also, truncation is probably the
most common form of corruption, and people downloading an ISO via browser
or a buggy bittorrent client don't know what the exact size is supposed to
be. If they did, they could just finish the last few KB instead of
downloading the full ISO a half dozen times. I'm not sure if that issue
belongs in one of these tickets. If the checksum files were to include
this, they would have to be changed separately for install and live
images, since I believe install checksums are made automatically by pungi,
and live checksums manually.
--
Ticket URL: <
https://fedorahosted.org/fedora-qa/ticket/237#comment:7>
Fedora QA <
http://fedorahosted.org/fedora-qa>
Fedora Quality Assurance