Stop producing SHA1 and MD5 files, and only provide SHA256 files

XMLWordPrintableJSON

    • Type: Task
    • Resolution: Unresolved
    • Priority: Minor - P4
    • None
    • Affects Version/s: None
    • Component/s: None
    • None
    • DevProd Build
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      From this pull request in mongodb/mongo

      evergreen: y2030 - stop producing SHA1 and MD5 files, and only provide SHA256 files #1625

      To comply with complete withdrawal of SHA1 usage by both IETF RFC
      (non-fips) and NIST CMPV (fips) by 2030, stop producing SHA1 and MD5
      checksum files in favor of only providing SHA256 checksum files.

      As we enter 2026, software produced today might be in active use in
      2030 hence it is best to be forward looking with this.

      If anything breaks, this can be reverted with a migration plan figured
      out to be executed by 2030.

      I suspect this is something that will need additional thought / changes to implement.

            Assignee:
            Unassigned
            Reporter:
            Chris Kelly
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: