Is the reason you don't want people downloading the CVDs directly because that approach doesn't distribute the load, or do you have some changes in mind for Freshclam that are incompatible with simple direct downloading?
I'd hate to see ClamAV going the way of smartphones and tablets, with specialized "apps" using opaque protocols replacing HTML and other open protocols. (Not to mention that recent smartphones seem only to allow MTP and similar restrictive protocols, as opposed to having the device export its complete file system over USB like earlier Androids did.) On Thu, 29 Sep 2016 22:22:32 +0000 "Joel Esler (jesler)" <jes...@cisco.com> wrote: > We really don’t want people downloading the cvd’s through the browser > directly on the website. We really want to encourage people to use > Freshclam to do this. > > -- > Joel Esler > Manager > Talos Group > http://www.talosintelligence.com > > On Sep 29, 2016, at 12:21 PM, Alexey Salmin > <alexey.sal...@gmail.com<mailto:alexey.sal...@gmail.com>> wrote: > > Sorry if this had been proposed before, nothing showed up in my > search. > > I suggest to display checksums (MD5, SHA or both) on the website next > to CVD download links on the > www.clamav.net/downloads<http://www.clamav.net/downloads> page. This > will provide a user with: 1) A simple way to check if files were > updated since the last download. It takes time to fetch the main.cvd. > I realize that this should be possible with a custom HTTP query but > it's not convenient in case you're simply using a browser to get the > file. 2) A quick and a standard way to validate the integrity of the > file, without going into CVD internals and digital signatures. > > Thank you, > Alexey _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
