On Sun, Jul 29, 2018 at 10:55:31AM +0200, Ondřej Surý wrote: > You need to know the hash is valid before you start the download. > Therefore the hash has to be signed.
Before you *start* the download? Or before you use what you downloaded? -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop