Mailing List Archive

svn commit: r1868059 - /perl/site/download/index.html
Author: stevehay
Date: Sun Oct 6 13:25:34 2019
New Revision: 1868059

URL: http://svn.apache.org/viewvc?rev=1868059&view=rev
Log:
Use SHA256/SHA512 checksums rather than MD5/SHA1 as required by https://www.apache.org/dev/release-distribution

Also, prefer https: links over http: links.

Modified:
perl/site/download/index.html

Modified: perl/site/download/index.html
URL: http://svn.apache.org/viewvc/perl/site/download/index.html?rev=1868059&r1=1868058&r2=1868059&view=diff
==============================================================================
--- perl/site/download/index.html (original)
+++ perl/site/download/index.html Sun Oct 6 13:25:34 2019
@@ -772,31 +772,31 @@

<li>mod_perl 2.0: Version 2.0.11 - October 5, 2019<br>
For use with Apache 2.0.x / 2.2.x / 2.4.x <br/>
- <a href="http://www.apache.org/dyn/closer.cgi/perl/mod_perl-2.0.11.tar.gz">Download</a>
+ <a href="https://www.apache.org/dyn/closer.cgi/perl/mod_perl-2.0.11.tar.gz">Download</a>
[
- <a href="http://www.apache.org/dist/perl/mod_perl-2.0.11.tar.gz.asc">PGP</a>
+ <a href="https://www.apache.org/dist/perl/mod_perl-2.0.11.tar.gz.asc">PGP</a>
] [
- <a href="http://www.apache.org/dist/perl/mod_perl-2.0.11.tar.gz.md5">MD5</a>
+ <a href="https://www.apache.org/dist/perl/mod_perl-2.0.11.tar.gz.sha256">SHA256</a>
] [
- <a href="http://www.apache.org/dist/perl/mod_perl-2.0.11.tar.gz.sha1">SHA1</a>
+ <a href="https://www.apache.org/dist/perl/mod_perl-2.0.11.tar.gz.sha512">SHA512</a>
] |
- <a href="http://svn.apache.org/repos/asf/perl/modperl/tags/2_0_11">Browse</a> |
- <a href="http://svn.apache.org/repos/asf/perl/modperl/tags/2_0_11/Changes">Changes</a> |
+ <a href="https://svn.apache.org/repos/asf/perl/modperl/tags/2_0_11">Browse</a> |
+ <a href="https://svn.apache.org/repos/asf/perl/modperl/tags/2_0_11/Changes">Changes</a> |
<a href="../docs/2.0/user/install/install.html">Installation</a>
</li>

<li>mod_perl 1.0: Version 1.31 - May 11, 2009<br>
For use with Apache 1.3.x <br/>
- <a href="http://www.apache.org/dyn/closer.cgi/perl/mod_perl-1.31.tar.gz">Download</a>
+ <a href="https://www.apache.org/dyn/closer.cgi/perl/mod_perl-1.31.tar.gz">Download</a>
[
- <a href="http://www.apache.org/dist/perl/mod_perl-1.31.tar.gz.asc">PGP</a>
+ <a href="https://www.apache.org/dist/perl/mod_perl-1.31.tar.gz.asc">PGP</a>
] [
- <a href="http://www.apache.org/dist/perl/mod_perl-1.31.tar.gz.md5">MD5</a>
+ <a href="https://www.apache.org/dist/perl/mod_perl-1.31.tar.gz.md5">MD5</a>
] [
- <a href="http://www.apache.org/dist/perl/mod_perl-1.31.tar.gz.sha1">SHA1</a>
+ <a href="https://www.apache.org/dist/perl/mod_perl-1.31.tar.gz.sha1">SHA1</a>
] |
- <a href="http://svn.apache.org/repos/asf/perl/modperl/tags/1_31">Browse</a> |
- <a href="http://svn.apache.org/repos/asf/perl/modperl/tags/1_31/Changes">Changes</a> |
+ <a href="https://svn.apache.org/repos/asf/perl/modperl/tags/1_31">Browse</a> |
+ <a href="https://svn.apache.org/repos/asf/perl/modperl/tags/1_31/Changes">Changes</a> |
<a href="../docs/1.0/guide/getwet.html">Installation</a>
<br><br>
</li>
@@ -807,12 +807,12 @@
<blockquote>

It is essential that you verify the integrity of the downloaded files
- using the PGP or MD5 signatures.
+ using the PGP, MD5 or SHA signatures.

The PGP signatures can be verified using PGP or GPG. First download the
- <a href="http://www.apache.org/dist/perl/KEYS">KEYS file</a> as well as
+ <a href="https://www.apache.org/dist/perl/KEYS">KEYS file</a> as well as
the asc signature file for the relevant distribution. Make sure you get
- these files from the <a href="http://www.apache.org/dist/perl/">main
+ these files from the <a href="https://www.apache.org/dist/perl/">main
distribution directory</a>, rather than from a mirror. Then verify the
signatures using

@@ -827,13 +827,8 @@
% gpg --verify mod_perl-2.0.11.tar.gz.asc
</pre>

- Alternatively, you can verify the MD5 signature on the files. A unix
- program called <code>md5</code> or <code>md5sum</code> is included in
- many unix distributions. It is also available as part of <a href="http://www.gnu.org/software/textutils/textutils.html">GNU
- Textutils</a>. Windows users can get binary md5 programs from <a href="http://www.fourmilab.ch/md5/">here</a>, <a href="http://www.pc-tools.net/win32/freeware/console/">here</a>, or
- <a href="http://www.slavasoft.com/fsum/">here</a>. An MD5 signature
- consists of 32 hex characters, and a SHA1 signature consists of 40 hex
- characters. Ensure your generated signature string matches the signature
+ Alternatively, you can verify the MD5 or SHA signatures on the files.
+ Ensure your generated signature string matches the signature
string published in the files above.

</blockquote>