GNU bug report logs - #55666
enhancement request - SHA-256 for emacs downloads

Previous Next

Package: emacs;

Reported by: Ali Elshishini <shishini <at> outlook.com>

Date: Thu, 26 May 2022 20:27:02 UTC

Severity: wishlist

Tags: wontfix

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 55666 <at> debbugs.gnu.org (full text, mbox):

From: Lars Ingebrigtsen <larsi <at> gnus.org>
To: Ali Elshishini <shishini <at> outlook.com>
Cc: 55666 <at> debbugs.gnu.org
Subject: Re: bug#55666: enhancement request - SHA-256 for emacs downloads
Date: Fri, 27 May 2022 12:59:25 +0200

Ali Elshishini <shishini <at> outlook.com> writes:

> May you please include a list of SHA-256 hashes for the downloads in 
> https://www.gnu.org/software/emacs/download.html
>
> This will provide an easy and secure way to verify downloads
> Please note that the experience to verify the signature on windows is very poor
> and it for me at least ended up with the file nor being verified because of missing
> public key 
>
> A SHA-256 hash will be a simple solution

That would require people to edit that web page every time they generate
a package, which would be error prone and require too much work of the
people who build the packages.

The packages are signed, which I think should be more than sufficient,
so I'm closing this bug report.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no
This bug report was last modified 2 years and 359 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.