Re: (forw) Release file changes

To: debian-boot@lists.debian.org
Subject: Re: (forw) Release file changes
From: Joey Hess <joeyh@debian.org>
Date: Mon, 21 Feb 2011 17:37:00 -0400
Message-id: <[🔎] 20110221213659.GA25471@gnu.kitenet.net>
Mail-followup-to: debian-boot@lists.debian.org
In-reply-to: <[🔎] 20110221061332.GH24288@mykerinos.kheops.frmug.org>
References: <[🔎] 20110221061332.GH24288@mykerinos.kheops.frmug.org>

Christian PERRIER wrote:
> See Ganneff's last remark about D-I images. We should maybe provide
> more hashes of D-I images, from what I understand.

Looking at the Release file contents, I don't think we need to.
It already has sha1 and sha256 checksums of the d-i files now.
ftp://ftp.debian.org/debian/dists/unstable/Release

The only reason to provide standalone MD5SUM or other files is for users
who want a rough check of a d-i image, not something with a
cryptographically secure trust path.

The real d-i fallout from the Release file changes is that it breaks
debootstrap (and cdebootstrap but I am not going to spend any time on
that).

-- 
see shy jo

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: (forw) Release file changes
  - From: Joey Hess <joeyh@debian.org>

References:
- (forw) Release file changes
  - From: Christian PERRIER <bubulle@debian.org>

Prev by Date: Processed: your mail
Next by Date: Re: kfreebsd-* daily builds (D-I)
Previous by thread: (forw) Release file changes
Next by thread: Re: (forw) Release file changes
Index(es):
- Date
- Thread