what does this mean to the avg hacker ? do we need to fix our kit anyway ? On 4 June 2016 at 10:50, Russel Winder <rus...@winder.org.uk> wrote:
> On Fri, 2016-06-03 at 16:20 -0700, Konstantin Boudnik wrote: > > +1 [binding] > > > > signature is ok > > sha1 is ok > > rat is ok > > builds and produces functional binaries > > > > One small note: sha1 and md5 aren't considered secure, it'd make > > sense to > > switch into gpg generated checksums, perhaps. I can work on that in > > the next a > > couple of days, I guess > > > > Just to back this up, Debian now effectively refuses to recognize SHA1 > signatures for things. SHA256 or SHA512. > > -- > Russel. > > ============================================================================= > Dr Russel Winder t: +44 20 7585 2200 voip: > sip:russel.win...@ekiga.net > 41 Buckmaster Road m: +44 7770 465 077 xmpp: rus...@winder.org.uk > London SW11 1EN, UK w: www.russel.org.uk skype: russel_winder
