D/L Validation issues and your website
Todd Zullinger
tmz at pobox.com
Sun Jun 21 01:32:08 UTC 2009
Hi Michael,
Reorx wrote:
> I am generally "computer literate" (maybe even "savy") but a Linux
> virgin... I recently downloaded a copy of the Fedora 11 live ISO file for
> Intel compatible PCs (32-bit).
>
> Your website suggests "validating" the D/L.
>
> In the "validating D/L for Windows users" section, you give Windows
> users 3 choices for validating their D/L:
> 1) HashCalc >>> I couldn't get HashCalc to D/L - probably a problem
> with the HashCalc website - not your fault.
> 2) XCSC >>> Nice little utility which reported the
> SHA1SUM as "795B52B3C7B16EBA6F2CAE055EC894D8648D8095"
> (without the quotes)
> 3) SHA1SUM.EXE >>> Nice little command line utility that reported
> the SHA1SUM the same as XCSC but using lower case letters. I
> realize that this doesn't matter (i.e. the SHA1SUM is actually
> a hexidecimal number and therefore is NOT case sensitive).
>
> Now that I have a SHA1SUM value for MY D/L, it would be nice to
> find a SHA1SUM value for the file on your website for the sake of
> comparing the 2 values i.e. validation. The instructions about
> how to use the above software suggest opening the file "SHA1SUM" using
> a text editor and comparing the values... I looked everywhere but
> couldn't find a file named SHA1SUM!!!
>
> My request is that you put a link to the referenced SHA1SUM file on
> the webpage for the Windows validation instructions
>>>>
> http://docs.fedoraproject.org/readme-burning-isos/en_US/sn-validating-files.
> html
>
> In the meantime, can you send me a link to the file or tell me if the
> file that I D/L has the correct SHA1SUM value???
Unfortunately, the problem is that the documentation is out of date
for Fedora 11, because the checksum used was switched to SHA-256
instead of SHA-1. A bug has been opened to update the documentation.
There is a little bit more information in the bug report:
https://bugzilla.redhat.com/504228
There are some windows sha256sum binaries listed in the bug report,
but I am not sure any of them are suitable for the Fedora Project to
recommend to users. But I have no doubt that between the Fedora
documentation team and the other great folks in the Fedora community,
this situation can and will be improved.
FWIW, I can attest that the SHA-1 of the Fedora-11-i686-Live.iso is
795b52b3c7b16eba6f2cae055ec894d8648d8095. (Now, whether you have any
reason to trust me is another matter. :)
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Don't go around saying the world owes you a living. The world owes you
nothing. It was here first.
-- Mark Twain
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-websites-list/attachments/20090620/0708ea13/attachment.sig>
More information about the Fedora-websites-list
mailing list