[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Reasons for having SHA512?
On 12.06.2011 22:16, Aleksey Cheusov wrote:
> While cksums from SHA512 is definitely useful I'm thinking about is
> SHA512.gz file itself is really necessary. We can store cksums inside
> pkg_summary(5), for example, like the following.
> COMMENT=Command-line utility to rip and encode an audio CD
> CKSUM=<cksum_type> <cksum>
> where <cksum_type> is sha512, rmd160, md5 or anything else supported by
> My idea is to provide _single_ file (signed!) containing everything
> needed for package management.
Seems like a good idea to me; however, from a package management
perspective, I believe that single signed pkg_summary file (the one you
propose, with a list of cksums) AND per-package signature should be both
Please ignore my remark if that's not what you propose.
Main Index |
Thread Index |