I checked
http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=1chap=5
and the Handbook only mentions validating MD5 checksums.
There are two possible issues:
1. Why are we using _only_ MD5 and SHA1 as the checksums? Shouldn't we
be using something stronger?
2. I noticed the checksums
On Sat, Oct 08, 2011 at 02:45:02PM -0700, Paweł Hajdan, Jr. wrote:
I checked
http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=1chap=5
and the Handbook only mentions validating MD5 checksums.
There are two possible issues:
1. Why are we using _only_ MD5 and SHA1 as the
On 10/8/11 3:43 PM, Robin H. Johnson wrote:
1. Why are we using _only_ MD5 and SHA1 as the checksums? Shouldn't we
be using something stronger?
Fixed in Catalyst now.
http://git.overlays.gentoo.org/gitweb/?p=proj/catalyst.git;a=commit;h=42b4f6608682cf03954918ecce7923330a1656fe
So when the
On Sat, Oct 08, 2011 at 04:39:40PM -0700, Paweł Hajdan, Jr. wrote:
On 10/8/11 3:43 PM, Robin H. Johnson wrote:
1. Why are we using _only_ MD5 and SHA1 as the checksums? Shouldn't we
be using something stronger?
Fixed in Catalyst now.
On Sat, Oct 8, 2011 at 6:43 PM, Robin H. Johnson robb...@gentoo.org wrote:
On Sat, Oct 08, 2011 at 02:45:02PM -0700, Paweł Hajdan, Jr. wrote:
I checked
http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=1chap=5
and the Handbook only mentions validating MD5 checksums.
There are two
On Sat, Oct 08, 2011 at 08:21:44PM -0400, Matt Turner wrote:
On Sat, Oct 8, 2011 at 6:43 PM, Robin H. Johnson robb...@gentoo.org wrote:
On Sat, Oct 08, 2011 at 02:45:02PM -0700, Paweł Hajdan, Jr. wrote:
I checked
http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=1chap=5
and the
On 10/8/11 5:01 PM, Robin H. Johnson wrote:
Ah, I just forgot about that page. Okay, so can we also update the
Handbook to include GPG signature checking?
It DOES already mention checking the signature:
http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=1chap=2#doc_chap3
That's good,
On Sat, Oct 8, 2011 at 5:41 PM, Paweł Hajdan, Jr.
phajdan...@gentoo.org wrote:
On 10/8/11 5:01 PM, Robin H. Johnson wrote:
Ah, I just forgot about that page. Okay, so can we also update the
Handbook to include GPG signature checking?
It DOES already mention checking the signature: