[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: md5 hashes used in security announcements

Kees Cook wrote:
> Additionally, it doesn't matter -- it's just the md5 in the email
> announcement.  The Release and Packages files for the archive have SHA1
> and SHA256.  The md5 from the announcement is almost not important,
> IMO -- no one should download files individually from the announcement.

So if the Release and Packages files are using SHA1 and SHA256, why
aren't the announcements?


Reply to: