[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: No longer supply SHA1 checksums for new releases

From: Julian Foad <julianfoad_at_apache.org>
Date: Mon, 13 Aug 2018 16:10:27 +0100

Daniel Shahaf wrote:
> I don't know if the distinction between "the Subversion developers
> assessed SHA-1 as too weak" and "ASF Infra assessed SHA-1 as too weak"
> is important enough to be drawn in the release notes. The technical argument
> and end result are the same regardless of who made the decision.
> HACKING could certainly mention this detail, though.

OK, your call, it was just a suggestion based on my preference for pointing to source material.

- Julian
Received on 2018-08-13 17:10:37 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.