#393 drop warning about gpg signature hash
Closed: Fixed None Opened 11 years ago by kevin.

The https://fedoraproject.org/en/verify page has a warning:

"Please note that the Hash: SHA256 line in the CHECKSUM file is part of the PGP signature. It does not specify the type of hash used to verify the .iso files."

While this is true, actually the gpg hash and the checksum for the isos are both SHA256 now. This was added back when the gpg sig was SHA1 and the checksum was SHA256.

So, this warning just confuses people.

Consider just dropping it.


Fixed with commit cded676 on master branch and bdcf3e4 on f19-alpha.

Login to comment on this ticket.

Metadata