Pierre-Arnaud Marcelot schrieb:
> On Jan 15, 2008 12:09 PM, Felix Knecht <felixk@apache.org
> <mailto:felixk@apache.org>> wrote:
>
> 3°/ We can remove the sha and md5 checksum files from the repository,
> but this works only if eclipse doesn't has any internal checksums.
>
>
> Unfortunaltely, the SHA1 checksum we are talking about is inside the
> jar... In the manifest and other files...
Are we talking about i.e. org.eclipse.search_3.3.1.r331_v20070831_0800.jar
META-INF/ECLIPSE.RSA ?
Looks to me as created with a Verisign Certificate (which we hardly have):
cat META-INF/ECLIPSE.RSA
10 H÷
0*H÷
*H÷
0_1<0¥pº*H÷4¶8Ê{̺¿0
0 UUS10U
VeriSign, Inc.1705U
280801235959Z0_1 .Class 3 Public Primary Certification Authority0
0 UUS10U
VeriSign, Inc.1705U
0É\Yò´ß@ÛãW¯jE@ .Class 3 Public Primary Certification Authority00
Ñ3ÙÙÏîX%÷*¨Dªìx¹ª#}Ö¬¢cEÇr'ÌôLÆuqÒ9ïOBðuß
»L+Ï,&OݦûüÉç± ËS¥ç=¾}þ$E3Üví¢qdLe.hE§0
0_10( A¡*H÷ßÏIef8LuÂ0SðNÖ&ÀvW^!ñѱÿçÐ!XÍiãDD9\ÜVí¢EL令=ð2ñÎøèÉQæbæÀ}·rÉ6:kN¨ÿd
0 UUS10U
VeriSign, Inc.1705U
140715235959Z0´1 .Class 3 Public Primary Certification Authority0
0 UUS10U
VeriSign, Inc.10U
VeriSign Trust Network1;09U
0 *H÷ 2Terms of use at https://www.verisign.com/rpa
(c)041.0,U%VeriSign Class 3
Code Signing 2004 CA0"0
<snip />
Felix
|