FS#51260 - Arch website should provide SHA256 and/or SHA512 for ISO files
Attached to Project:
Arch Linux
Opened by Deactivated account (TechnicalTotoro) - Thursday, 06 October 2016, 19:40 GMT
Last edited by Gerardo Exequiel Pozzi (djgera) - Thursday, 06 October 2016, 20:42 GMT
Opened by Deactivated account (TechnicalTotoro) - Thursday, 06 October 2016, 19:40 GMT
Last edited by Gerardo Exequiel Pozzi (djgera) - Thursday, 06 October 2016, 20:42 GMT
|
Details
I have recently decided to start using Arch, but it concerns
me that you only provide MD5 hashsums and SHA1 hashsums for
ISO files, both of these are known to be susceptible to
collisions so it would be better to provide the hashums from
algorithms such as SHA256 or SHA512. So it would be good to
either provide both or one of those in either addition to
the current MD5 and SHA1 hashsums given, or in replacement
to them.
|
This task depends upon
Closed by Gerardo Exequiel Pozzi (djgera)
Thursday, 06 October 2016, 20:42 GMT
Reason for closing: Won't implement
Additional comments about closing: MD5/SHA1 is used like a CRC, in other words is for error detection, nothing more.
PGP is used as digital signature
error detection != security purposes.
Thursday, 06 October 2016, 20:42 GMT
Reason for closing: Won't implement
Additional comments about closing: MD5/SHA1 is used like a CRC, in other words is for error detection, nothing more.
PGP is used as digital signature
error detection != security purposes.