Bug#819664: .sign suffix?
Hallo,
* Steve McIntyre [Mon, Sep 26 2016, 03:14:21PM]:
> On Mon, Sep 26, 2016 at 09:10:37AM +0200, Stéphane Blondon wrote:
> >Hello,
> >
> >Le 25/09/2016 à 17:57, Eduard Bloch a écrit :
> >> I am slightly wondering about this new filename ending .sign. IMHO the
> >> usual pattern for such files was .gpg before (for example: Release.gpg).
> >>
> >> This .sign looks weird, it does not tell you which format the data
> >> inside might have.
> >
> >Can you provide an example where the extension has changed?
> >
> >There are signatures ending with .sign for each cd, dvd, etc. images but
> >the suffix seems to be always .sign since release 3.1:
> >http://cdimage.debian.org/cdimage/archive/3.1_r0/i386/iso-cd/
> >
> >it's like today:
> >http://cdimage.debian.org/debian-cd/8.6.0/amd64/iso-cd/
> >
> >The scheme is
> >{MD5, SHAx}SUMS : the checksum according to each algorithm
> >{MD5, SHAx}SUMS.sign : the checksum signed by a Debian CD signing key
>
> Exactly - we've been using the .sign filenames for many years for CD
> releases.
Uhm, ok, sorry, please forgive my failure to research.
Best regards,
Eduard.
Bug#819664: .sign suffix?
On Mon, Sep 26, 2016 at 09:10:37AM +0200, Stéphane Blondon wrote:
>Hello,
>
>Le 25/09/2016 à 17:57, Eduard Bloch a écrit :
>> I am slightly wondering about this new filename ending .sign. IMHO the
>> usual pattern for such files was .gpg before (for example: Release.gpg).
>>
>> This .sign looks weird, it does not tell you which format the data
>> inside might have.
>
>Can you provide an example where the extension has changed?
>
>There are signatures ending with .sign for each cd, dvd, etc. images but
>the suffix seems to be always .sign since release 3.1:
>http://cdimage.debian.org/cdimage/archive/3.1_r0/i386/iso-cd/
>
>it's like today:
>http://cdimage.debian.org/debian-cd/8.6.0/amd64/iso-cd/
>
>The scheme is
>{MD5, SHAx}SUMS : the checksum according to each algorithm
>{MD5, SHAx}SUMS.sign : the checksum signed by a Debian CD signing key
Exactly - we've been using the .sign filenames for many years for CD
releases.
--
Steve McIntyre, Cambridge, UK.st...@einval.com
You lock the door
And throw away the key
There's someone in my head but it's not me
Bug#819664: .sign suffix?
Hello,
Le 25/09/2016 à 17:57, Eduard Bloch a écrit :
> I am slightly wondering about this new filename ending .sign. IMHO the
> usual pattern for such files was .gpg before (for example: Release.gpg).
>
> This .sign looks weird, it does not tell you which format the data
> inside might have.
Can you provide an example where the extension has changed?
There are signatures ending with .sign for each cd, dvd, etc. images but
the suffix seems to be always .sign since release 3.1:
http://cdimage.debian.org/cdimage/archive/3.1_r0/i386/iso-cd/
it's like today:
http://cdimage.debian.org/debian-cd/8.6.0/amd64/iso-cd/
The scheme is
{MD5, SHAx}SUMS : the checksum according to each algorithm
{MD5, SHAx}SUMS.sign : the checksum signed by a Debian CD signing key
Do you talk about other signatures?
--
Stéphane
signature.asc
Description: OpenPGP digital signature
Bug#819664: .sign suffix?
Hello, I am slightly wondering about this new filename ending .sign. IMHO the usual pattern for such files was .gpg before (for example: Release.gpg). This .sign looks weird, it does not tell you which format the data inside might have. Please reconsider the filenames. Regards, Eduard.
