On Wed, Jan 14, 2026 at 11:10:43AM +0100, Neal H. Walfield via devel wrote: ...snip... > > Ideally, the link to the checksum file should be to Fedora's > infrastructure and not the same mirror as the iso. > > > > Another approach would be to directly sign the iso instead of the > > > checksum file. > > > > Absolutely. The sha256sum detour adds only complexity and pitfalls. A > > detached signature of the ISO file would be much easier and safer for > > the user. > > Do you know who would be the right person to approach about this > change?
https://gitlab.com/fedora/websites-apps/fedora-websites/fedora-websites-3.0 kevin -- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
