t;> Hi Oleg,
>>
>> Both MD5 and SHA1 are deprecated and can't be considered as trustfull.
>>
>> I think at-least-256 bit member of the SHA-2 family (e. g. sha512) should
>> be used.
>>
>> Sincerely,
>> Dmitriy Pavlov
>>
>> ср, 26 июл. 2017 г. в
to decide what сhecksum algorythm we should use for signing release
> artifacts. Currently we use md5 and sha-1. sha-1 will be replaced by
> sha-256 soon. Should we keep md5 or use only sha-256?
>
Hi,
We need to decide what сhecksum algorythm we should use for signing release
artifacts. Currently we use md5 and sha-1. sha-1 will be replaced by
sha-256 soon. Should we keep md5 or use only sha-256?