On 22.01.2017 00:17, Holger Levsen wrote: > We really ought to do the same. I'm all for keeping sha1+sha256, but > please let's *completely* drop md5sums for buster.
We already dropped SHA1, FWIW, so it's md5+sha256. And again, the Oracle announcement was about MD5-only, so isn't relevant to the discussion. I do sympathize with the "drop md5sum to see what breaks". But that's a discussion for after the release. And how you formulate your argument does not help your case. Kind regards Philipp Kern
