Re: Simplify download distribution directory by dropping sha1 hashes?

On Tue, Oct 24, 2017 at 2:50 AM, Luca Toscano wrote: > > 2017-10-23 20:36 GMT+02:00 William A Rowe Jr : >> >> HTTPD team, >> >> Since our downloads are to be authenticated by their .asc PGP >> signatures, and the hashes simply serve as checksums, is it

Re: Simplify download distribution directory by dropping sha1 hashes?

> Am 23.10.2017 um 20:36 schrieb William A Rowe Jr : > > HTTPD team, > > Since our downloads are to be authenticated by their .asc PGP > signatures, and the hashes simply serve as checksums, is it reasonable > to offer only MD5 and SHA256 at this point? > > Anyone without

Re: Simplify download distribution directory by dropping sha1 hashes?

2017-10-23 20:36 GMT+02:00 William A Rowe Jr : > HTTPD team, > > Since our downloads are to be authenticated by their .asc PGP > signatures, and the hashes simply serve as checksums, is it reasonable > to offer only MD5 and SHA256 at this point? > > Anyone without SHA256

AW: Simplify download distribution directory by dropping sha1 hashes?

Sounds reasonable to me. Regards Rüdiger > -Ursprüngliche Nachricht- > Von: William A Rowe Jr [mailto:wr...@rowe-clan.net] > Gesendet: Montag, 23. Oktober 2017 20:37 > An: httpd <dev@httpd.apache.org> > Betreff: Simplify download distribution directory by d

Re: Simplify download distribution directory by dropping sha1 hashes?

+1 -- Daniel Ruggeri Original Message From: William A Rowe Jr <wr...@rowe-clan.net> Sent: October 23, 2017 1:36:31 PM CDT To: httpd <dev@httpd.apache.org> Subject: Simplify download distribution directory by dropping sha1 hashes? HTTPD team, Since o

Simplify download distribution directory by dropping sha1 hashes?

HTTPD team, Since our downloads are to be authenticated by their .asc PGP signatures, and the hashes simply serve as checksums, is it reasonable to offer only MD5 and SHA256 at this point? Anyone without SHA256 (rare, I'd expect) can use MD5 as the simplest supported checksum. All others should