https://issues.apache.org/ooo/show_bug.cgi?id=122905
[email protected] changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED |--- --- Comment #17 from [email protected] --- Getting better, but the sentences don't read well. >>There is no need to do all verifications. It is sufficient to verify the >>signature, SHA256 or MD5 hash. However, it is recommended to prefer the >>SHA256 method than MD5.<< Would be better as >>There is no need to do all the verifications. The best is to check the GPG >>signature (.ASC) file. Failing that, use the SHA256 hash, otherwise use the >>MD5 hash.<< === >>When both SHA256 / MD5 hash values match it is indicated with an "<AOO >>file>.tar.gz: OK" statement.<< would be better as: >>If the hash matches this is indicated by "<AOO file>.tar.gz: OK".<< === >>Now compare both SHA256 / MD5 hash values.<< should be >>Now compare the hash generated by Openssl with the value in the file<< -- You are receiving this mail because: You are on the CC list for the bug. You are watching all bug changes.
