Re: [dev] file integrity github project

From: Laslo Hunhold <>
Date: Thu, 24 Aug 2017 17:38:32 +0200

On Thu, 24 Aug 2017 13:45:35 +0200
Hiltjo Posthuma <> wrote:

Hey Hiltjo,

> We must have scripts for this. Generating the SHA256 checksums was
> easy. There were 2 checksums missing for surf which were fixed. If we
> automate this then there is less chance to forget anything. We should
> remove MD5 and SHA1 checksum support.

agreed, SHA256 alone is sufficient imho.
> I think it's a good idea if we start to (optionally) sign (git)
> releases. This can be discussed further.

This is something I would support! :) We could go as far to tell to automatically generate tarballs and hashes from the
OpenPGP-signed git tags.

With best regards


Laslo Hunhold <>
Received on Thu Aug 24 2017 - 17:38:32 CEST

This archive was generated by hypermail 2.3.0 : Thu Aug 24 2017 - 17:48:23 CEST