Re: [gdal-dev] checksums for source releases

2018-06-12 Thread Even Rouault
On Wednesday 13 June 2018 09:20:24 CEST Ben Elliston wrote:
> On 13/06/18 09:18, Even Rouault wrote:
> > The checksum is more intended to check that there wasn't an accidental
> > corruption in the transportation of the archive (MD5 will remain safe
> > forever for detecting that), rather than an at

Re: [gdal-dev] checksums for source releases

2018-06-12 Thread Ben Elliston
On 13/06/18 09:18, Even Rouault wrote:
> The checksum is more intended to check that there wasn't an accidental corruption in the transportation of the archive (MD5 will remain safe forever for detecting that), rather than an attempt to forge a hostile archive.

In which case, we should also sign

Re: [gdal-dev] checksums for source releases

2018-06-12 Thread Even Rouault
On Wednesday 13 June 2018 09:02:00 CEST Ben Elliston wrote:
> The source download page:
> https://trac.osgeo.org/gdal/wiki/DownloadSource
>
> .. gives MD5 checksums for the source releases. Starting with 2.3.1, can
> I suggest we start using SHA256 instead of the long-broken MD5?

The checksum is m

[gdal-dev] checksums for source releases

2018-06-12 Thread Ben Elliston
The source download page:
https://trac.osgeo.org/gdal/wiki/DownloadSource

.. gives MD5 checksums for the source releases. Starting with 2.3.1, can I suggest we start using SHA256 instead of the long-broken MD5?

Ben