Lee Clark wrote: > Thats odd > > your site says SHA1 You missed the large red notice on https://fedoraproject.org/verify as well as this paragraph in my previous reply: I wrote: > (The Hash: SHA1 line is part of the PGP signature. It has no relation > to the sha256 checksum data in the *-CHECKSUM files. > https://fedoraproject.org/verify has details on how to verify > downloads and does point out that sha256sum is what should be used.) This is a common misconception. We'll work on trying to make it clearer in future releases. Of course, there's only so much we can do. ;-) -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ When I think about all the crap I learned in high school ... it's a wonder I can think at all. -- Paul Simon
Attachment:
pgpaV1XPA2uQZ.pgp
Description: PGP signature
-- Fedora-websites-list mailing list Fedora-websites-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-websites-list
