On 11/19/2009 06:04 AM, Ladislav Bodnar wrote: > On Thursday 19 November 2009, Rahul Sundaram wrote: >> Note that changing HASH: SHA1 to anything else in the top of the file >> will make the gpg check fail since it writes it out that way. So it's >> sort of a tricky issue to solve. Not sloppiness. > > Maybe it would be simpler to call the file SHA256SUM (or SHA256) instead of > CHECKSUM? As far as I remember, these files used to be called MD5SUM, then > SHA1SUM, which made it very clear what was inside. But with so many > different checksum standards, calling the file CHECKSUM is bound to lead to > confusion. I think the generic name was picked up because nobody believes that SHA256 hashes are going to be cryptographically secure for a long time and we are bound to switch to stronger checksums over a period of time but I think, a clear filename does make it more easier to avoid this mass confusion. Jesse Keating? Rahul -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list
