haraldschilly
commented
5 years ago all html files are created by an ancient script and then mirrored just like all the other files. In theory, it shouldn't be hard to add sha256. I'll check…
Open embray opened 5 years ago
haraldschilly
commented
5 years ago all html files are created by an ancient script and then mirrored just like all the other files. In theory, it shouldn't be hard to add sha256. I'll check…
embray
commented
5 years ago Yes, from the script I looked it, it would be straightforward to add sha256. I just wasn't sure if the HTML pages are mirrored as well, or if mirrors had to do anything special to upgrade.
I have people asking me for checksums of released files (for the Windows exe in particular).
The current mirrors support MD5 sums which is fine for download verification, but not for anything more secure. We should also provide sha256 sums for the paranoid out there.
I don't know how much trouble it is to update the mirror software. Do the mirrors themselves need to update any code? Or do we generate the HTML files for them too and just get rsync'd?