Re: no-strong-digests-in-dsc MBF

To: debian-devel@lists.debian.org
Subject: Re: no-strong-digests-in-dsc MBF
From: Ansgar Burchardt <ansgar@debian.org>
Date: Tue, 17 Jan 2017 23:55:10 +0100
Message-id: <[🔎] 87d1fle1pt.fsf@deep-thought.43-1.org>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20170117215316.lqbnnqw7a6zrovcp@localhost> (Adrian Bunk's message of "Tue, 17 Jan 2017 23:53:16 +0200")
References: <[🔎] 20170117215316.lqbnnqw7a6zrovcp@localhost>

Adrian Bunk writes:
> I want to do a MBF for all packages without a SHA256 checksum field
> in the .dsc [1] - only SHA1 as hash would not be good in stretch.

Why?  The Sources index should have a stronger hash either way.

If you care about stronger hashes in the .dsc itself, wouldn't the .dsc
itself be need to be signed by a stronger hash?  I would expect there
are still a lot more .dsc with "Hash: SHA1" in the archive.

Ansgar

Reply to:

References:
- no-strong-digests-in-dsc MBF
  - From: Adrian Bunk <bunk@debian.org>

Prev by Date: no-strong-digests-in-dsc MBF
Next by Date: Re: no-strong-digests-in-dsc MBF
Previous by thread: no-strong-digests-in-dsc MBF
Next by thread: Re: no-strong-digests-in-dsc MBF
Index(es):
- Date
- Thread