download verification with md5?

Justin Sherrill justin at shiningsilence.com
Fri Jan 3 06:21:51 PST 2020


On Fri, Jan 3, 2020 at 4:51 AM Michael Neumann <mneumann at ntecs.de> wrote:

> Given that your private key stays secured this adds another layer of
> security. Right now, even using SHA256 checksums would be no more secure
> in case you download the checksum file (md5.txt or sha256.txt) from the
> same mirror server as the file itself.
>
> If you need help setting this up, please let me know.

This is a good idea, and a very helpful writeup.  I'm low on time (as
is everyone, always) but I'm not working this weekend - let me see how
far I get.



More information about the Users mailing list