[ https://issues.apache.org/jira/browse/IGNITE-1656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15074405#comment-15074405 ]
Konstantin Boudnik commented on IGNITE-1656: -------------------------------------------- md5 and sha1 aren't recommended checksum'ing mechanisms - https://www.apache.org/dev/release-signing.html#md5-security - https://www.apache.org/dev/release-signing.html#sha1 The easiest way of solving this is to simply use gpg to calculate all checksums feasible at once, including sha512 {{gpg --print-mds apache-ignite-src.zip > apache-ignite-src.zip.mds}} which will produce something like this in case of the 1.5.0 release {noformat} apache-ignite-1.5.0.final-src.zip: MD5 = 57 49 4B FB 88 4A C7 36 70 F5 34 D9 E5 44 F1 D5 apache-ignite-1.5.0.final-src.zip: SHA1 = 860C FCD0 3A1C C4D0 8197 22DA D011 7FDC 2CAE 7F30 apache-ignite-1.5.0.final-src.zip: RMD160 = 0B1F BE1B C386 1406 C5F8 0FDA F2F1 EE51 D6DF 174B apache-ignite-1.5.0.final-src.zip: SHA224 = 3600D9C3 A277CF1D C94ECAE7 CCBAFC47 51BA766F 4733EBC0 DB834074 apache-ignite-1.5.0.final-src.zip: SHA256 = 7E8ED37B 20C80461 81B7CF9A C7E1ABE0 1B6F8D3E BDB00EC6 1B6E9ABF 4440310C apache-ignite-1.5.0.final-src.zip: SHA384 = 72F54390 F24E06A0 0AB04478 84FA5724 44FF8EE8 DBFDA895 D89E0F5D CC054BB6 38F81465 043B0000 B799B309 16303E6C apache-ignite-1.5.0.final-src.zip: SHA512 = 1719613A AF34DE7C 6D865201 BCAF5E56 1CFDBDD6 902AA796 3D3E51C6 0FC3CE23 57A9EA8E 8861AB84 71072F81 80BCB2BA 569866EB AF488478 09E5F982 082BC1B9 {noformat} > Get rid of md5 and sha1 in favor of sha512 > ------------------------------------------ > > Key: IGNITE-1656 > URL: https://issues.apache.org/jira/browse/IGNITE-1656 > Project: Ignite > Issue Type: Bug > Components: cache > Affects Versions: ignite-1.4 > Reporter: Ivan Veselovsky > Priority: Critical > Fix For: 1.6 > > > Description of the problem wrt sha1 is there: > https://sites.google.com/site/itstheshappening/ . -- This message was sent by Atlassian JIRA (v6.3.4#6332)