Ah, thanks fort he clarification, didnt know that.. so I would go with asc and
sha512 : )
Am 26.09.19, 01:39 schrieb "Justin Mclean" <jus...@classsoftware.com>:
Hi,
> we use asc for signing and sha256 or 512 is common for checksum, I think.
> This is used in many projects and should be fine and up to date.
That correct but you also have sha1 and md5s.
> @Justin Mclean or is there any official rule or policy about that?
Yes see [1] note the "and SHOULD NOT supply MD5 or SHA-1”.
Thanks,
Justin
1. https://www.apache.org/dev/release-distribution.html#sigs-and-sums
