On Fri, 2012-10-19 at 12:27 +0200, Florian Ernst wrote:
There aren't any. That is, there aren't any such plans *anymore*, as
SHA256 is already in use and that page is partially misleading, cf.
I recently started a discussion on debian-devel about moving to even stronger
hashes like SHA512 or
Hi,
Where can I find an uptodate description of exactly how PGP is used by APT
in packaging? I can't find the source any more but I got the impression
that the individual packages were not signed but merely checksummed and
that the list of checksums was the only thing that was actually
On Fri, Oct 19, 2012 at 12:28:36PM +0300, Lars Nooden wrote:
Hi,
Where can I find an uptodate description of exactly how PGP is used by APT
in packaging? I can't find the source any more but I got the impression
that the individual packages were not signed but merely checksummed and
On Fri, 19 Oct 2012, Darac Marjal wrote:
On Fri, Oct 19, 2012 at 12:28:36PM +0300, Lars Nooden wrote:
Hi,
Where can I find an uptodate description of exactly how PGP is used by APT
in packaging? I can't find the source any more but I got the impression
that the individual packages
Hello there,
On Fri, Oct 19, 2012 at 01:14:44PM +0300, Lars Nooden wrote:
On Fri, 19 Oct 2012, Darac Marjal wrote:
[...]
[1] http://wiki.debian.org/SecureApt
Thanks. The weak point, relatively speaking, looks to be the MD5
checksums in Releases. The link above [1] says MD5 is now a
On Fri, 19 Oct 2012, Florian Ernst wrote:
...
***apt has supported sha256 checksums since version 0.7.7, so these will
be used in lenny and future releases. --JoeyHess
- 8 -
in the comments of the very same page as well as check your
/var/lib/apt/lists/*_{Release,Packages} for
On 2012-10-19 12:43 +0200, Lars Nooden wrote:
On Fri, 19 Oct 2012, Florian Ernst wrote:
...
***apt has supported sha256 checksums since version 0.7.7, so these will
be used in lenny and future releases. --JoeyHess
- 8 -
in the comments of the very same page as well as check your
7 matches
Mail list logo