Hi Fahad, FAD Linux wrote: > I just want to mention that the checksum file has the type of hash > as SHA1 while it is actually SHA256. > > https://fedoraproject.org/static/checksums/Fedora-12-i386-CHECKSUM > ---------------------- > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 The 'Hash: SHA1' line is part of the GPG signature. It has nothing to do with the type of checksum used in the *-CHECKSUM files. Many people mistakenly assume that it does, unfortunately. Perhaps we need to make that clear on the /verify page so folks don't make the flawed assumption that these things are related? If you follow the documentation on https://fedoraproject.org/en/verify all is well, as the page explicitly states that the sha256sum command is what should be used -- and those instructions are correct. Thanks for checking though. -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The problem with politics isn't the money; it's the power. -- Harry Browne
Attachment:
pgpvaPYjiQBNp.pgp
Description: PGP signature
-- Fedora-websites-list mailing list Fedora-websites-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-websites-list
