SHA1 and 256 (again) :)
Scott Robbins
scottro at nyc.rr.com
Thu Nov 19 03:49:52 UTC 2009
On Wed, Nov 18, 2009 at 10:23:55PM -0500, Todd Zullinger wrote:
> Adam Williamson wrote:
>
> Unfortunately, this didn't happen in time for Fedora 12. But seeing
> that it's been broken since Fedora 11, another week or two shouldn't
> kill us. :)
It won't kill us, but sheesh, you should see some of the comments on the
forums. :) It really only becomes an issue during a new release.
As I said in my original post, it's a relatively minor issue--the
majority of folks who don't know how to use google will post a complaint
in the forums and get their answer--sometimes sympathetic, sometimes
rude, but they'll get their answer.
> NOTE: Please don't confuse the 'Hash:' line in the *CHECKSUM file,
> (which is part of the PGP signature) with the type of hash
> algorithm used to verify the .iso files
>
> might only server to add confusion to those who weren't already
> confused. I think many of the users who were confused downloaded via
> the torrents and likely never saw the fp.o/verify page at all anyway.
I agree with that. A very simple comment, such as your suggestion,
should be ample, and cause less confusion than a detailed explanation.
(I'm leaving in your suggestion for those who missed it the first time.)
:)
>
> I think something along the lines of:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> To verify the file(s) listed below, run:
>
> sha256sum -c Fedora-12-i686-Live-CHECKSUM'
>
> See https://fedoraproject.org/verify for more details.
--
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6
Spike: So when do we destroy the world, already?
More information about the test
mailing list