Re: No longer supply SHA1 checksums for new releases

From: Julian Foad <julianfoad_at_apache.org>
Date: Mon, 13 Aug 2018 16:10:27 +0100

Daniel Shahaf wrote:
> I don't know if the distinction between "the Subversion developers
> assessed SHA-1 as too weak" and "ASF Infra assessed SHA-1 as too weak"
> is important enough to be drawn in the release notes. The technical argument
> and end result are the same regardless of who made the decision.
>
> HACKING could certainly mention this detail, though.

OK, your call, it was just a suggestion based on my preference for pointing to source material.

-- 
- Julian

Received on 2018-08-13 17:10:37 CEST

This message: [ Message body ]
Next message: Julian Foad: "Re: Intentions for 1.11 release timing"
Previous message: Daniel Shahaf: "Re: No longer supply SHA1 checksums for new releases"
In reply to: Daniel Shahaf: "Re: No longer supply SHA1 checksums for new releases"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]