incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marvin Humphrey <>
Subject Re: [VOTE] Release Apache Kylin-0.7.2-incubating
Date Mon, 20 Jul 2015 18:03:17 GMT
On Mon, Jul 20, 2015 at 10:33 AM, Owen O'Malley <> wrote:
> On Sat, Jul 18, 2015 at 12:43 AM, Henry Saputra <>
> wrote:
>>  (NOTE next time probably use sha512)
> I'd like to second the request for using sha512 and not including md5.

The requirements for sums and signatures are covered in the Release
Distribution Policy, established a few months ago and curated by VP

    Every artifact distributed to the public through Apache channels MUST be
    accompanied by one file containing an OpenPGP compatible ASCII armored
    detached signature and another file containing an MD5 checksum. The names
    of these files MUST be formed by adding to the name of the artifact the
    following suffixes:

    *   the signature by suffixing .asc
    *   the checksum by suffixing .md5

    An SHA checksum SHOULD also be created and MUST be suffixed .sha. The
    checksum SHOULD be generated using SHA512.

If anyone wishes to suggest changes to the policy, the proper venue is the
public list infrastructure-dev@apache.

Please note that that the establishment of the Release Distribution Policy
merely codified long-standing policies which had been documented in various
places -- nothing has changed in many years.

Marvin Humphrey

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message