On Wed, 2013-08-14 at 11:44 +0200, Till Maas wrote: > On Wed, Aug 14, 2013 at 12:21:23PM +0300, Artem Bityutskiy wrote: > > On Wed, 2013-08-14 at 10:37 +0200, Till Maas wrote: > > > On Wed, Aug 14, 2013 at 09:31:22AM +0300, Artem Bityutskiy wrote: > > > > > > > Other things like reading from remote sites, progress indicator, > > > > protecting your mounted disks, uncompressing on-the-fly, checking sha1 > > > > of the data ond of the bmap file itself - are goodies, although > > > > important ones. > > > > > > Why sha1? If the check is there for security reasons, please use at > > > least sha256. > > > > Should not be difficult to implement if there is demand. > > SHA-256 is used to create the signatures of other distributed files: > https://fedoraproject.org/static/checksums/Fedora-19-i386-CHECKSUM > > Therefore if bmap is used it should also use at least SHA 256. It is > recommended against using SHA-1 for more than 7 years now: > http://csrc.nist.gov/groups/ST/hash/policy_2006.html
Sure, good point, thank you, I'll implement sha-256 support. -- Best Regards, Artem Bityutskiy -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
