On Sat, Feb 18, 2012 at 11:48:27AM +0100, Thomas Koch wrote: > What about a debhelper script that receives an URL (or set of mirror > URLs) and a SHA1 and does the download and check?
Please use something stronger than SHA-1. SHA-1 has some weaknesses and something like SHA-256 or SHA-512 should be used in new applications. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: Digital signature