On 08/15/2018 08:52 PM, Emmanuel Lécharny wrote: > Hi, > > there is a requirement regarding the reeases: MD5 signatures must be > removed for old releases : > > -- for past releases : > -- you are not required to change anything ; > -- it would be nice if you fixed your dist area ; > -- start with : cleanup ; rename .sha's ; remove .md5's > > Here is a page listing the projects reeases that requires to be cleaned up: > > https://checker.apache.org/projs/directory.html > > I have started the removal of md5 signatures (for studio). > > Now, I can also re-sign all the packages with SHA-256 and SHA-512,but > i'm not sure it's really required. > > One of the implication is that the web pages have to be updated, > something I can take care of. > > WDYT ?
Is it urgent? Or sufficient to do when we anyway publish a new release? I mean ApacheDS should be released in 2 days, Studio will follow soon, A Kerby release seems also to be in preparation.