Ubuntu

Apt support for sha256 checksums

Registered by Michael Vogt on 2006-10-30

All code in apt that deals with authentication of packages should support sha256 checksums to support better security. Currently only md5 and sha1 are supported by default.

This needs support from soyuz to write out a SHA256 tag in the main Release file.

Read the full specification

Blueprint information

Status:: Complete

Approver:: Scott James Remnant (Canonical)

Priority:: Low

Drafter:: Michael Vogt

Direction:: Needs approval

Assignee:: Michael Vogt

Definition:: Approved

Series goal:: Accepted for feisty

Implementation:: Implemented

Milestone target:: None

Started by: Michael Vogt on 2006-11-27

Completed by: Michael Vogt on 2008-12-19

Related branches

Related bugs

Bug #71845: Please add sha256 checksums to the Release file

Fix Released

Sprints

uds-mtv

Whiteboard

Declined for discussion, instead sent straight to a release goal.
dholbach: with the additional explanation and the suggestion to do a benchmark, I'm happy enough to set the spec to approved.
mvo: working Implementation (module .dsc format change) at http://people.ubuntu.com/~mvo/bzr/apt/sha256/, waiting for soyuz support (bug #71845)
mvo: implemented now

(?)

Work Items

This blueprint contains Public information

Everyone can see this information.

Subscribers

Ant Bryan

Shirish Agarwal