https://bz.apache.org/bugzilla/show_bug.cgi?id=70073
Bug ID: 70073
Summary: Verifying Apache HTTP Server Releases: Validating
Authenticity of a Key confusing
Product: Apache httpd-2
Version: 2.5-HEAD
Hardware: All
URL: https://httpd.apache.org/dev/verification.html#Validat
ing
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: P4
Component: Documentation
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
The Validating Authenticity of a Key section of the Verifying Apache HTTP
Server Releases page is confusing. It starts with a long description matching
what the title suggests it contains, then says:
> In order to check the integrity of the downloaded file, you need to download
> the source and the related SHA256 hash.
> […]
It is unclear which relation there is between these 2 parts (the first 2 thirds
and the last one). The last third does not depend on the first 2, so the reader
will wonder what value the already confusing first 2 thirds bring if the last
one already checks the integrity.
By the way:
1. The SHA256 hash is not the only one (a SHA512 is provided).
2. https://www.apache.org/info/verification.html largely duplicates that page.
🅭🄍: https://www.philippecloutier.com/Common+infrastructure+licensing#its
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
