Re: add sha256 files to releases - Mailing list pgsql-hackers

From Tom Lane
Subject Re: add sha256 files to releases
Date
Msg-id 15524.1365996260@sss.pgh.pa.us
Whole thread Raw
In response to add sha256 files to releases  (Peter Eisentraut <peter_e@gmx.net>)
List pgsql-hackers
Peter Eisentraut <peter_e@gmx.net> writes:
> Could we generated sha256 files for the release tarballs, instead of the
> md5 files that are currently generated?  The packaging systems that I
> surveyed that verify the checksum of the tarball (FreeBSD ports and the
> like) don't use md5 anymore, so a sha256 file would be much more useful
> for direct verification.  For someone doing manual checking of their
> download, it wouldn't make a difference if a different method is used.

md5 is still handy for Fedora/RHEL purposes --- not so much for
verification, as for a crosscheck that the upload into their lookaside
cache happened correctly (the lookaside cache is indexed by md5).

I have no objection to generating sha256 checksums in addition to the
md5 ones, though.
        regards, tom lane



pgsql-hackers by date:

Previous
From: Robert Haas
Date:
Subject: Re: PROPOSAL: tracking aggregated numbers from pg_stat_database
Next
From: Florian Pflug
Date:
Subject: Re: Inconsistent DB data in Streaming Replication