Re: How APT signs packages

To: debian-user@lists.debian.org
Subject: Re: How APT signs packages
From: Lars Nooden <lars.nooden@gmail.com>
Date: Fri, 19 Oct 2012 13:43:46 +0300 (EEST)
Message-id: <[🔎] alpine.BSO.2.02.1210191331500.11063@yeeloong.dhcp.inet.fi>
In-reply-to: <[🔎] 20121019102759.GD21479@fernst.no-ip.org>
References: <[🔎] alpine.BSO.2.02.1210191228260.11063@yeeloong.dhcp.inet.fi> <[🔎] 20121019094041.GB8347@darac.org.uk> <[🔎] alpine.BSO.2.02.1210191311000.11063@yeeloong.dhcp.inet.fi> <[🔎] 20121019102759.GD21479@fernst.no-ip.org>

On Fri, 19 Oct 2012, Florian Ernst wrote:
...
> ***apt has supported sha256 checksums since version 0.7.7, so these will
> be used in lenny and future releases. --JoeyHess
> ----- >8 -----
> 
> in the comments of the very same page as well as check your
> /var/lib/apt/lists/*_{Release,Packages} for verification.

Thanks.  One comment claimed that from Lenny onwards SHA256 checksums 
would be used.  But in Squeeze, *_Release still has MD5 checksums, at 
least for the repository I have.  So it looks like the infrastructure 
supports SHA but it's still needed to do the tedious work of migration.

Is there any archive of why the move was not made for Lenny or later?

Regards,
/Lars

Reply to:

Follow-Ups:
- Re: How APT signs packages
  - From: Sven Joachim <svenjoac@gmx.de>

References:
- How APT signs packages
  - From: Lars Nooden <lars.nooden@gmail.com>
- Re: How APT signs packages
  - From: Darac Marjal <mailinglist@darac.org.uk>
- Re: How APT signs packages
  - From: Lars Nooden <lars.nooden@gmail.com>
- Re: How APT signs packages
  - From: Florian Ernst <florian_ernst@gmx.net>

Prev by Date: Re: How APT signs packages
Next by Date: Re: How APT signs packages
Previous by thread: Re: How APT signs packages
Next by thread: Re: How APT signs packages
Index(es):
- Date
- Thread