[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Is this the real Fedora 11? I ask because of the file dates...





On Tue, Jun 9, 2009 at 8:51 PM, Todd Zullinger <tmz pobox com> wrote:
Fernando Cassia wrote:
> See here
> http://blog.nfllab.com/archives/152-Win32-native-md5sum,-sha1sum,-sha256sum-etc..html
>
> Google is your friend. :)

I wouldn't say that downloading an executable from some blog is the
best thing to recommend.

I was answering to the user on this list. I wasn´t suggesting that Red Hat or Fedora.org points to that blog.
 
 Especially not if the goal is to check the
integrity of the Fedora .iso images.

I'm not sure what to recommend for Windows users honestly.  With the
recent work that has gone into Fedora to allow cross-compiling windows
binaries, it might be possible to build an sha256sum.exe that could be
hosted on fedoraproject.org.

Surely. I just compiled a win32 version ofa a GPL linux utility with Cygwin minutes ago.
 
 That might be a little more trustworthy
for us to suggest Windows users use to verify the .iso file we
distribute.

> PS: Adding a "checksum-verification.txt´text file explaining that
> users need to use sha256sum, and where to obtain it, would be cool.

What about https://fedoraproject.org/verify ?

That would be nice. But also, a text file on the file repositories explaining the files verification process would be nice.

Call me old-fashioned, but I´m used  to the time when every FTP site had a "00_index.txt" file contained a "ls -lR" of the whole file tree and also a README file on each folder explaining what was in there.

Likewise, including a tiny text file alongside the iso images would help answer the obvious question to someone whom has just downloaded the file(s) "Great, now how do I verify these images are OK?".

FC



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]