httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Guenter Knauf <fua...@apache.org>
Subject Re: [vote] release httpd-2.2.14?
Date Thu, 24 Sep 2009 15:58:44 GMT
Hi,
Graham Leggett schrieb:
> As the roll.sh script is the current authoritative mechanism for how md5
> signatures are created, and roll.sh makes no guarantee as to the format
> of the md5 file, all claims made to date that the signatures are in the
> wrong format are therefore false.
agreed, but the roll.sh is currently weak since the final format depends
entirely on who does a release on what machine - see here:
http://www.apache.org/dist/httpd/httpd-2.2.13.tar.bz2.md5
IIRC that was Jim doing this release ...
http://httpd.apache.org/dev/dist/httpd-2.2.14.tar.bz2.md5
and that's now what you generated ...

I think we should allways provide same format, be it the openssl one if
thats really the preferred, or the md5(sum) / sha1(sum) one...

and we should document somewhere how to verify automatically.

Gün.




Mime
View raw message