[jira] [Commented] (SLING-7534) Release policy - stop providing MD5 and start providing SHA-512 signatures

Konrad Windszus (JIRA) Fri, 26 Oct 2018 06:29:20 -0700


    [ 
https://issues.apache.org/jira/browse/SLING-7534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16665167#comment-16665167
 ]


Konrad Windszus commented on SLING-7534:
----------------------------------------

The most recent update to 
[https://www.apache.org/dev/release-distribution#sigs-and-sums] now states

{quote}
For new releases, PMCs MUST supply SHA-256 and/or SHA-512; and SHOULD NOT 
supply MD5 or SHA-1. Existing releases do not need to be changed.
{quote}

> Release policy - stop providing MD5 and start providing SHA-512 signatures
> --------------------------------------------------------------------------
>
>                 Key: SLING-7534
>                 URL: https://issues.apache.org/jira/browse/SLING-7534
>             Project: Sling
>          Issue Type: Task
>          Components: Tooling
>            Reporter: Robert Munteanu
>            Priority: Major
>             Fix For: Parent 35
>
>
> See http://www.apache.org/dev/release-distribution#sigs-and-sums , we SHOULD 
> no longer provide MD5 checksums for new releases.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (SLING-7534) Release policy - stop providing MD5 and start providing SHA-512 signatures

Reply via email to