Re: [PATCH] Make it clear that 'Hash: SHA1' does not specify the checksum hash

Ricky Zhou <ricky@xxxxxxxxxxxxxxxxx> · Thu, 19 Nov 2009 17:25:23 -0500

On 2009-11-19 05:19:58 PM, Todd Zullinger wrote:
> This should only be needed until the rel-eng adds some explanatory text
> directly to the *-CHECKSUM files.  This is planned for F13 (by Oxf13 ;).
> ---
> 
> Thoughts?  Is 'warning' too strong?  I wasn't sure if 'note' would
> stand out enough.  Perhaps I'm just grumpy after seeing so much
> confusion about this. ;)
> 
> I'm also torn about the placement.  It might be better to move up to
> the top of the page, above the "Windows user?" note.
> 
>  fedoraproject.org/data/content/verify.html |    3 +++
>  1 files changed, 3 insertions(+), 0 deletions(-)
> 
> diff --git a/fedoraproject.org/data/content/verify.html b/fedoraproject.org/data/content/verify.html
> index f763b01..51a2402 100644
> --- a/fedoraproject.org/data/content/verify.html
> +++ b/fedoraproject.org/data/content/verify.html
> @@ -27,6 +27,9 @@
>        <li><a href="https://fedoraproject.org/static/checksums/Fedora-12-i686-Live-KDE-CHECKSUM";>i386 (KDE)</a></li>
>        <li><a href="https://fedoraproject.org/static/checksums/Fedora-12-x86_64-Live-KDE-CHECKSUM";>x86_64 (KDE)</a></li>
>      </ul>
> +    <p class="warning">
> +    ${Markup(_('Please note that the &lt;i&gt;Hash: SHA1&lt;/i&gt; line in the CHECKSUM file is part of the PGP signature.  It does &lt;b&gt;not&lt;/b&gt; specify the type of hash used to verify the .iso files.'))}
> +    </p>
>      <p>
>      ${Markup(_('Next, import Fedora\'s GPG key(s):'))}
>      </p>
> -- 
> 1.6.5.2
Tiny thing, I'd use <emph> instead of <i> for this.   Also, it might be 
good to place this above the checksum links at least for those that just 
click the links immediately.

While we're making changes to this page, there's also the issue that 
http://docs.fedoraproject.org/readme-burning-isos/en_US/sn-validating-files.html 
is woefully out of date and still references SHA1 for those that click 
on the Windows user link :-(

Not what can really be done abou that last bit though.

Thanks,
Ricky
Attachment:
pgp8N1VYYcIjW.pgp

Description: PGP signature
-- 
Fedora-websites-list mailing list
Fedora-websites-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-websites-list