[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Rick Stevens wrote:
> This has been discussed before on the list.
>
> The header indicates that the checksum file _itself_ was signed with
> an SHA1 checksum.  The checksums _inside_ the checksum file are the
> SHA256 checksums of the various .iso images.

And this is why we added the large red warning about this to the web
page on verification: https://fedoraproject.org/verify :)

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Finagle's Second Law: No matter what the anticipated result, there
will always be someone eager to (a) misinterpret it, (b) fake it, or
(c) believe it happened according to his own pet theory.
    -- Anonymous

Attachment: pgpP8XsrDczt6.pgp
Description: PGP signature

-- 
fedora-list mailing list
[email protected]
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]
  Powered by Linux