[jira] [Commented] (JCR-4378) MD5 and SHA1 should no longer be provided on download pages

Sebb (JIRA) Mon, 01 Oct 2018 07:48:24 -0700


    [ 
https://issues.apache.org/jira/browse/JCR-4378?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16634113#comment-16634113
 ]


Sebb commented on JCR-4378:
---------------------------

> Please clarify "this".

I was replying to the immediately preceeeding comment:

https://issues.apache.org/jira/browse/JCR-4378?focusedCommentId=16633839&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-16633839


> MD5  and SHA1 should no longer be provided on download pages
> ------------------------------------------------------------
>
>                 Key: JCR-4378
>                 URL: https://issues.apache.org/jira/browse/JCR-4378
>             Project: Jackrabbit Content Repository
>          Issue Type: Bug
>            Reporter: Sebb
>            Assignee: Julian Reschke
>            Priority: Major
>
> As the subject says: SHA1 is deprecated and should no longer be linked from 
> download pages.
> New releases should have sha256 and/or sha512 hashes instead.
> If a historic release only has a SHA1 hash, that can be retained, but ideally 
> it can be replaced with a better sha256/512 one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (JCR-4378) MD5 and SHA1 should no longer be provided on download pages

Reply via email to