D/L Validation issues and your website

Todd Zullinger tmz at pobox.com
Sun Jun 21 01:32:08 UTC 2009 

Hi Michael,

Reorx wrote:
> I am generally "computer literate" (maybe even "savy") but a Linux
> virgin...  I recently downloaded a copy of the Fedora 11 live ISO file for
> Intel compatible PCs (32-bit).
>
> Your website suggests "validating" the D/L.
>
> In the "validating D/L for Windows users" section, you give Windows
> users 3 choices for validating their D/L:
> 1) HashCalc >>> I couldn't get HashCalc to D/L - probably a problem
>    with the HashCalc website - not your fault.
> 2) XCSC >>> Nice little utility which reported the
>    SHA1SUM as "795B52B3C7B16EBA6F2CAE055EC894D8648D8095"
>    (without the quotes)
> 3) SHA1SUM.EXE >>> Nice little command line utility that reported
>    the SHA1SUM the same as XCSC but using lower case letters.  I
>    realize that this doesn't matter (i.e. the SHA1SUM is actually
>    a hexidecimal number and therefore is NOT case sensitive).
>
> Now that I have a SHA1SUM value for MY D/L, it would be nice to
> find a SHA1SUM value for the file on your website for the sake of
> comparing the 2 values i.e. validation.  The instructions about
> how to use the above software suggest opening the file "SHA1SUM" using
> a text editor and comparing the values...  I looked everywhere but
> couldn't find a file named SHA1SUM!!!
>
> My request is that you put a link to the referenced SHA1SUM file on
> the webpage for the Windows validation instructions
>>>>
> http://docs.fedoraproject.org/readme-burning-isos/en_US/sn-validating-files.
> html
>
> In the meantime, can you send me a link to the file or tell me if the
> file that I D/L has the correct SHA1SUM value???

Unfortunately, the problem is that the documentation is out of date
for Fedora 11, because the checksum used was switched to SHA-256
instead of SHA-1.  A bug has been opened to update the documentation.
There is a little bit more information in the bug report:

https://bugzilla.redhat.com/504228

There are some windows sha256sum binaries listed in the bug report,
but I am not sure any of them are suitable for the Fedora Project to
recommend to users.  But I have no doubt that between the Fedora
documentation team and the other great folks in the Fedora community,
this situation can and will be improved.

FWIW, I can attest that the SHA-1 of the Fedora-11-i686-Live.iso is
795b52b3c7b16eba6f2cae055ec894d8648d8095.  (Now, whether you have any
reason to trust me is another matter. :)

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Don't go around saying the world owes you a living. The world owes you
nothing.  It was here first.
    -- Mark Twain

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-websites-list/attachments/20090620/0708ea13/attachment.sig>

More information about the Fedora-websites-list mailing list