Author: stevehay Date: Sun Oct 6 13:25:34 2019 New Revision: 1868059 URL: http://svn.apache.org/viewvc?rev=1868059&view=rev Log: Use SHA256/SHA512 checksums rather than MD5/SHA1 as required by https://www.apache.org/dev/release-distribution
Also, prefer https: links over http: links. Modified: perl/site/download/index.html Modified: perl/site/download/index.html URL: http://svn.apache.org/viewvc/perl/site/download/index.html?rev=1868059&r1=1868058&r2=1868059&view=diff ============================================================================== --- perl/site/download/index.html (original) +++ perl/site/download/index.html Sun Oct 6 13:25:34 2019 @@ -772,31 +772,31 @@ <li>mod_perl 2.0: Version 2.0.11 - October 5, 2019<br> For use with Apache 2.0.x / 2.2.x / 2.4.x <br/> - <a href="http://www.apache.org/dyn/closer.cgi/perl/mod_perl-2.0.11.tar.gz">Download</a> + <a href="https://www.apache.org/dyn/closer.cgi/perl/mod_perl-2.0.11.tar.gz">Download</a> [ - <a href="http://www.apache.org/dist/perl/mod_perl-2.0.11.tar.gz.asc">PGP</a> + <a href="https://www.apache.org/dist/perl/mod_perl-2.0.11.tar.gz.asc">PGP</a> ] [ - <a href="http://www.apache.org/dist/perl/mod_perl-2.0.11.tar.gz.md5">MD5</a> + <a href="https://www.apache.org/dist/perl/mod_perl-2.0.11.tar.gz.sha256">SHA256</a> ] [ - <a href="http://www.apache.org/dist/perl/mod_perl-2.0.11.tar.gz.sha1">SHA1</a> + <a href="https://www.apache.org/dist/perl/mod_perl-2.0.11.tar.gz.sha512">SHA512</a> ] | - <a href="http://svn.apache.org/repos/asf/perl/modperl/tags/2_0_11">Browse</a> | - <a href="http://svn.apache.org/repos/asf/perl/modperl/tags/2_0_11/Changes">Changes</a> | + <a href="https://svn.apache.org/repos/asf/perl/modperl/tags/2_0_11">Browse</a> | + <a href="https://svn.apache.org/repos/asf/perl/modperl/tags/2_0_11/Changes">Changes</a> | <a href="../docs/2.0/user/install/install.html">Installation</a> </li> <li>mod_perl 1.0: Version 1.31 - May 11, 2009<br> For use with Apache 1.3.x <br/> - <a href="http://www.apache.org/dyn/closer.cgi/perl/mod_perl-1.31.tar.gz">Download</a> + <a href="https://www.apache.org/dyn/closer.cgi/perl/mod_perl-1.31.tar.gz">Download</a> [ - <a href="http://www.apache.org/dist/perl/mod_perl-1.31.tar.gz.asc">PGP</a> + <a href="https://www.apache.org/dist/perl/mod_perl-1.31.tar.gz.asc">PGP</a> ] [ - <a href="http://www.apache.org/dist/perl/mod_perl-1.31.tar.gz.md5">MD5</a> + <a href="https://www.apache.org/dist/perl/mod_perl-1.31.tar.gz.md5">MD5</a> ] [ - <a href="http://www.apache.org/dist/perl/mod_perl-1.31.tar.gz.sha1">SHA1</a> + <a href="https://www.apache.org/dist/perl/mod_perl-1.31.tar.gz.sha1">SHA1</a> ] | - <a href="http://svn.apache.org/repos/asf/perl/modperl/tags/1_31">Browse</a> | - <a href="http://svn.apache.org/repos/asf/perl/modperl/tags/1_31/Changes">Changes</a> | + <a href="https://svn.apache.org/repos/asf/perl/modperl/tags/1_31">Browse</a> | + <a href="https://svn.apache.org/repos/asf/perl/modperl/tags/1_31/Changes">Changes</a> | <a href="../docs/1.0/guide/getwet.html">Installation</a> <br><br> </li> @@ -807,12 +807,12 @@ <blockquote> It is essential that you verify the integrity of the downloaded files - using the PGP or MD5 signatures. + using the PGP, MD5 or SHA signatures. The PGP signatures can be verified using PGP or GPG. First download the - <a href="http://www.apache.org/dist/perl/KEYS">KEYS file</a> as well as + <a href="https://www.apache.org/dist/perl/KEYS">KEYS file</a> as well as the asc signature file for the relevant distribution. Make sure you get - these files from the <a href="http://www.apache.org/dist/perl/">main + these files from the <a href="https://www.apache.org/dist/perl/">main distribution directory</a>, rather than from a mirror. Then verify the signatures using @@ -827,13 +827,8 @@ % gpg --verify mod_perl-2.0.11.tar.gz.asc </pre> - Alternatively, you can verify the MD5 signature on the files. A unix - program called <code>md5</code> or <code>md5sum</code> is included in - many unix distributions. It is also available as part of <a href="http://www.gnu.org/software/textutils/textutils.html">GNU - Textutils</a>. Windows users can get binary md5 programs from <a href="http://www.fourmilab.ch/md5/">here</a>, <a href="http://www.pc-tools.net/win32/freeware/console/">here</a>, or - <a href="http://www.slavasoft.com/fsum/">here</a>. An MD5 signature - consists of 32 hex characters, and a SHA1 signature consists of 40 hex - characters. Ensure your generated signature string matches the signature + Alternatively, you can verify the MD5 or SHA signatures on the files. + Ensure your generated signature string matches the signature string published in the files above. </blockquote>