Hello, On 06/28/2017 07:42 AM, Daniel Shahaf wrote: > Andreas Stieger wrote on Sat, 10 Jun 2017 12:24 +0200: >> Found this laying around... maybe someone who previously made releases >> could check it out. > > Any news about this patch? I have some pending tweaks to release.py and > don't want to conflict.
No news. > As I said about an earlier iteration: I think the main question is whether we > want to provide both sha1 and sha2 hashes for a transition period. I.e., do > we try for compatibility or force people to switch over to sha2. Those that may fail to change their "verification" from sha-1 to sha-2 may not have been very useful in any kind of verification in the first place. So unless there is a technical reason (which I do not see) I would just change it. Andreas -- Andreas Stieger <astie...@suse.com> Project Manager Security SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
signature.asc
Description: OpenPGP digital signature
