On Fri, Oct 9, 2015 at 2:02 PM, Konstantin Boudnik <[email protected]> wrote:
> Guys, > > We had to get rid of md5 sum long time ago, but it seems that sha1 is > hitting > the wall as well. Here's the good description of the problem: > https://sites.google.com/site/itstheshappening/ > > I'd suggest to scrape both of them in the next release. Any objections? > I am not sure if we need to scrape SHA1. People do not have to use it if they don't trust it. Are there any official ASF recommendations here? > > Cos > >
