Hi Gary, On Thu, Apr 19, 2018 at 6:34 PM, Gary Gregory <garydgreg...@gmail.com> wrote:
> Why not add SHA1 hashes? > >> Please see here about the Apache projects release signing procedure, relating to use of SHA, http://www.apache.org/dev/release-signing.html#sha-checksum It says, "Please note that further use of SHA-1 should be avoided. SHA512 is recommended." I hope this would answer the question. -- Regards, Mukul Gandhi
