- From: <hallam@alws.cern.ch>
- Date: Thu, 14 Jul 1994 10:34:57 +0200
>The big issue with binary distribution is viruses. To alleviate this >problem, I suggest that anybody who provides a binary distribution >should use MD5 checksums -- signed with a public key, if possible -- >to allow end users to detect corrupted/forged/modified distributions. Would people beleive me if I promised this Real Soon Now (TM)? Just having a bit of hassle rewriting some stuff to make the source code a bit manageable but digital signatures for binary distribution should be here soon. Question is how to declare them? I first thought that the best way would be to simply MD5 the file in transit. This is a bad move since any tampering will take place before distribution... Then I thought of adding it into the URC file... better perhaps... ? Phill
Received on Thursday, 14 July 1994 10:34:41 UTC