RE: Replace K&R source dist. with binary dist [Was: libwww ]
Subject: RE: Replace K&R source dist. with binary dist [Was: libwww ]
Date: Thu, 14 Jul 1994 10:34:57 +0200
>The big issue with binary distribution is viruses. To alleviate this
>problem, I suggest that anybody who provides a binary distribution
>should use MD5 checksums -- signed with a public key, if possible --
>to allow end users to detect corrupted/forged/modified distributions.
Would people beleive me if I promised this Real Soon Now (TM)?
Just having a bit of hassle rewriting some stuff to make the source code a bit
manageable but digital signatures for binary distribution should be here soon.
Question is how to declare them? I first thought that the best way would be
to simply MD5 the file in transit. This is a bad move since any tampering
will take place before distribution...
Then I thought of adding it into the URC file... better perhaps... ?