You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jackrabbit.apache.org by "Julian Reschke (JIRA)" <ji...@apache.org> on 2017/10/10 11:17:00 UTC
[jira] [Commented] (JCR-4182) new release checksum requirements
[ https://issues.apache.org/jira/browse/JCR-4182?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16198524#comment-16198524 ]
Julian Reschke commented on JCR-4182:
-------------------------------------
trunk: [r1811667|http://svn.apache.org/r1811667]
> new release checksum requirements
> ---------------------------------
>
> Key: JCR-4182
> URL: https://issues.apache.org/jira/browse/JCR-4182
> Project: Jackrabbit Content Repository
> Issue Type: Improvement
> Reporter: Davide Giannella
> Assignee: Julian Reschke
> Labels: candidate_jcr_2_10, candidate_jcr_2_12, candidate_jcr_2_14, candidate_jcr_2_6, candidate_jcr_2_8
> Fix For: 2.16, 2.10.7, 2.6.10, 2.15.7, 2.14.4, 2.8.7, 2.12.9
>
>
> As of various SHA algorithm the Apache policies around signatures and checksums changed requiring to specify the sha algorithm as part of the file extension: sha1, sha256, sha512.
> http://www.apache.org/dev/release-distribution#sigs-and-sums
> currently Jackrabbit signs with sha-1 and we should at least change the file extension
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)