4 Aug
2021
4 Aug
'21
05:41
On 04.08.2021 00:43, cagsm wrote:
hello list,
just came across when trying to download leap 15.3 iso bits, that the most or all of the .sha256 files are unsigned simple text files only.
They are signed with detached signatures in .sha256.asc files.
i still remember these sha256 files being some kind of pgp gpg wrapped textfiles with the suse project signing them for legitimacy. am i mistaken?
Probably too many users were confused by "errors" verifying checksum with inline signature so signatures were detached.