Dear Kate,
Would each file still be described with an SHA-1 signature in version
2.0 as default?
Sorry if I misunderstood something, I don't seem to be able of finding a
draft for version 2.0 on the SPDX site and can't read the content for
the mentioned sections.
Perhaps it would be possible to provide a link where the draft can be
read?
My thanks in advance.
With kind regards,
Nuno Brito
---
http://triplecheck.de
Date: Wed, 13 Nov 2013 13:19:24 -0800 (PST)
From: [email protected]
To: "[email protected]" <[email protected]>
Subject: SPDX 2.0 - update the checksum?
Message-ID:
<[email protected]>
Content-Type: text/plain; charset="iso-8859-1"
Noticed this, and thinking we may want to give an option for our
checksum algorithms to be SHA-256 in 2.0 for 4.7, 4.8, and 6.3.
see:?http://it.slashdot.org/story/13/11/13/0154244/microsoft-warns-customers-away-from-rc4-and-sha-1
Kate
_______________________________________________
Spdx-tech mailing list
[email protected]
https://lists.spdx.org/mailman/listinfo/spdx-tech
