[issue36316] Provide SHA256 checksums for installers

Benjamin Peterson added the comment: MD5 isn't a security measure. It's provided for a quick check of integrity. -- resolution: -> wont fix stage: -> resolved status: open -> closed ___ Python tracker

[issue36316] Provide SHA256 checksums for installers

Change by SilentGhost : -- nosy: +benjamin.peterson ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue36316] Provide SHA256 checksums for installers

New submission from fazl : Python is widely used and should use more trustworthy checksums than MD5. Even the successor to MD5 (SHA-1) was considered insecure in 2017. From https://nakedsecurity.sophos.com/2017/02/23/bang-sha-1-collides-at-38762cf7f55934b34d179ae6a4c80cadccbb7f0a/ : "For