On Thu, 2009-11-19 at 02:26 +0530, Rahul Sundaram wrote: > On 11/19/2009 02:20 AM, Scott Robbins wrote: > > On Wed, Nov 18, 2009 at 12:30:37AM -0500, Scott Robbins wrote: > > > > As suspect, there's already posts on the forums about this. (Smugly > > mutters, "told ya so". :) > > > > Seriously, someone pointed out that some docmentation, the docs for > > burning CD's seem to indicate that one should use sha1. > > > > > > http://docs.fedoraproject.org/readme-burning-isos/en_US/sn-validating-files.html > > > > That should probably get fixed--I'm not sure if I have write access, and > > I don't have a Windows machine to test the instructions, so someone? > > Refer to > > https://www.redhat.com/archives/fedora-websites-list/2009-November/msg00047.html > > Note that changing HASH: SHA1 to anything else in the top of the file > will make the gpg check fail since it writes it out that way. So it's > sort of a tricky issue to solve. Not sloppiness. To be clear, I think the documentation page that Scott linked talks about SHA-1 not because someone misread the checksum file but simply because it's _old_. It was written at a time when the checksums actually where SHA-1. Note the reference to Fedora 7. I think the above page needs to be updated to refer to SHA-256 checksums. Also, both it and https://fedoraproject.org/en/verify might benefit from explicitly mentioning the potential confusion between the signature algorithm and the checksum algorithm, until F13 is current. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org http://www.happyassassin.net -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list
