Wolfgang S. Rupprecht wrote:
> Woudld it be possible to do the signature using SHA256 also? On one
> of the iso's I recently burned did have a checksum file with a gpg
> SHA256 signature hash. That was enough to remind me that I should
> be using the SHA256 for checksumming the iso.
Yes, that is generally a goal. The F-11 *-CHECKSUM files were signed
using a SHA-256 hash. One unfortunate effect of moving to the Sigul
signing server for F-12 is that controlling the hash used for gpg
signatures is more difficult and resulted in the default SHA-1 being
used.
However, while using SHA-256 every where is the goal, it's still good
to make people aware that the GPG Hash: header and the checksum used
for the .iso are not related at all. It seems that far too many
people make the mistaken assumption that they are. :/
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The trouble with being punctual is that nobody's there to appreciate
it.
-- Franklin P. Jones
Attachment:
pgpda1ZTabaai.pgp
Description: PGP signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
