You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Also, only the CLI packages have signatures and not the server packages.
Finally, the signatures aren't linked from the downloads page; you have to go through the "Archived downloads..." link and then pick a release. Adding a link to the signatures directly to the download page will encourage people to actually use them.
Why remove the MD5 hashes? They can't be relied upon to provide adequate tamper-resistance. Their use should be actively discouraged, which is why I'm requesting that the old hashes be actively removed and replaced with modern hashes. There is no technical barrier to computing new hashes on the old artifacts.
The text was updated successfully, but these errors were encountered:
Mirth Connect releases hosted at e.g. https://mirthdownloadarchive.s3.amazonaws.com/index.html?prefix=connect/4.0.1.b293/ provide sha256 and md5 hashes. I recommend removing all the old MD5 hashes, re-computing any hashes missing from old releases and publishing them.
Also, only the CLI packages have signatures and not the server packages.
Finally, the signatures aren't linked from the downloads page; you have to go through the "Archived downloads..." link and then pick a release. Adding a link to the signatures directly to the download page will encourage people to actually use them.
Why remove the MD5 hashes? They can't be relied upon to provide adequate tamper-resistance. Their use should be actively discouraged, which is why I'm requesting that the old hashes be actively removed and replaced with modern hashes. There is no technical barrier to computing new hashes on the old artifacts.
The text was updated successfully, but these errors were encountered: