On Fri 01 May 2009 at 08:28PM, Danek Duvall wrote:
> On Fri, May 01, 2009 at 07:40:16PM -0700, Dan Price wrote:
>
> > Advice? I could downgrade to SHA1, but Darren has said that's bad.
> > I was trying to have good habits.
>
> While SHA-1 may not be the best thing to use to checksum arbitrary data,
> the thing we're downloading has to pass through gzip, tar, and a full
> python compile process, and our own tests on top of that. Given all that,
> and the fact that the checksums you've hardcoded in setup.py may or may not
> be trustworthy in the first place makes me think that SHA-1 is just fine
> for this particular application.
Ok, I'll recode using SHA1, and use the sha1 module.
-dp
--
Daniel Price, Solaris Kernel Engineering http://blogs.sun.com/dp
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
