[jira] [Created] (OOZIE-3189) Update the release script and wiki page to use sha512 instead of md5

Robert Kanter (JIRA) Mon, 05 Mar 2018 10:20:18 -0800

Robert Kanter created OOZIE-3189:
------------------------------------

             Summary: Update the release script and wiki page to use sha512 
instead of md5
                 Key: OOZIE-3189
                 URL: https://issues.apache.org/jira/browse/OOZIE-3189
             Project: Oozie
          Issue Type: Improvement
          Components: scripts
            Reporter: Robert Kanter
            Assignee: Robert Kanter
             Fix For: 5.0.0



Apache has updated it's policy on the release signatures, as per it's website 
[here|https://www.apache.org/dev/release-distribution#sigs-and-sums] and a 
recent email.  Basically, all future releases should be providing a sha512 
checksum instead of an md5 one.

There are two tasks:
# Update the release script to use sha512 instead of md5
https://github.com/apache/oozie/blob/master/bin/create-release-artifact#L71
# Update the wiki (requires committer/pmc permissions?)
https://cwiki.apache.org/confluence/display/OOZIE/How+To+Release

While we're updating the wiki, we should add details on:
# Making sure the gpg key used for signing releases is 4096 bit RSA
# Publishing your gpgp public key to a key server 
(https://www.apache.org/dev/release-signing#keyserver)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (OOZIE-3189) Update the release script and wiki page to use sha512 instead of md5

Reply via email to