On Mon, Oct 12, 2009 at 10:13 PM, Matthias Clasen <mclasen@xxxxxxxxxx> wrote:
> On Tue, 2009-10-13 at 08:36 +0530, Parag N(पराग़) wrote:
>> Hi all,
>> I want to know that is there really any compulsion on posting
>> md5sum instead sha1sum? Review Guidelines said "Reviewers should use
>> md5sum for this task." I have started posting sha1sum for source in
>> package review.
>
> That part of the review guidelines has always struck me as bizarre.
> After all, wouldn't it seem even better to compare the actual tarballs
> with each other, byte-by-byte, than relying on a checksum ?
Um. An easily reproducible, cryptographically strong checksum? :)
-Chris
--
Chris Weyl
Ex astris, scientia
--
Fedora-packaging mailing list
Fedora-packaging@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-packaging
