On 11/19/2009 04:45 AM, Adam Williamson wrote: > On Thu, 2009-11-19 at 03:59 +0530, Rahul Sundaram wrote: > >>> I think the above page needs to be updated to refer to SHA-256 >>> checksums. Also, both it and https://fedoraproject.org/en/verify might >>> benefit from explicitly mentioning the potential confusion between the >>> signature algorithm and the checksum algorithm, until F13 is current. >> >> As you can read from the link to fedora-websites list, updating that >> documentation requires a Windows utility we can trust on. > > I disagree. The page could still be updated to say that the checksums > are SHA-256, even before a Windows utility for checking such checksums > is available. This would still be far more valuable (and accurate) than > the current situation, in which the page is essentially lying to people > by telling them the checksums are SHA-1. Don't make the perfect the > enemy of the better. :) I was responding to your earlier point about updating the document and not the latter point about updating the verify website page. There is nothing to disagree, really. Rahul -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list
