[arch-devops] Arch Linux ISO Checksums on archlinux.org
Jens Adam
jra at byte.cx
Mon Feb 22 16:21:27 UTC 2016
Mon, 22 Feb 2016 16:22:40 +0100
Christian Rebischke <Chris.Rebischke at archlinux.org>:
> What do you think about using SHA256 ( or even better SHA512 ) for
> this? Maybe we should also sign the ISO with a GPG-Key.
The ISO is already signed:
https://www.archlinux.org/iso/2016.02.01/archlinux-2016.02.01-dual.iso.sig
Dunno how it's done though, I would have expected something around here:
https://projects.archlinux.org/archiso.git/tree/configs/releng/build.sh#n204
... perhaps it's done manually on upload.
Also see https://bugs.archlinux.org/task/47775 and
https://lists.archlinux.org/pipermail/arch-releng/2016-February/003634.html
for a more universal/personal approach.
--byte
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 455 bytes
Desc: Digitale Signatur von OpenPGP
URL: <https://lists.archlinux.org/pipermail/arch-devops/attachments/20160222/35d11bb5/attachment.asc>
More information about the arch-devops
mailing list