On 11 Dec 2007, at 05:12, Michael G Schwern wrote:
> Adam Kennedy posed me a stumper on #toolchain tonight. In short,
> test which checks your signature doesn't appear to be an actual
> tampering. The man-in-the-middle can just delete the test, or just
> SIGNATURE file since it's not required. So why ship a signature test?
> The only thing I can think of is to ensure the author that the
> they're about to ship is valid, but that's not something that needs
> to be shipped.
It is something that needs to be shipped if you have the "CPAN is the
definitive version of a module. Somebody can fork from it" attitude.
It certainly doesn't have to run though...
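The thread's point is that a check shipped inside the distribution can be removed together with the SIGNATURE file, so the check that matters runs on the consumer's side and treats a missing SIGNATURE as a failure rather than a skip. Added illustration in Python (not code from the thread, from Module::Signature or from CPAN): it verifies the `SHA1 <digest> <file>` lines of a SIGNATURE over a constructed sample tree and fails closed when the file is absent, listed files are modified, or unlisted files appear; the PGP clearsign layer that Module::Signature checks on top is assumed already verified and is omitted here.

```python
import hashlib
import tempfile
from pathlib import Path

def sha1_of(path):
    return hashlib.sha1(Path(path).read_bytes()).hexdigest()

def parse_signature(text):
    """Collect 'SHA1 <hex> <file>' lines (PGP clearsign layer assumed already verified and stripped)."""
    entries = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[0] == "SHA1":
            entries[parts[2]] = parts[1]
    return entries

def verify_dist(root):
    """Consumer-side check: returns (ok, reason) and fails closed."""
    root = Path(root)
    sig = root / "SIGNATURE"
    if not sig.is_file():                      # a deleted SIGNATURE is a failure, not a skip
        return False, "SIGNATURE missing"
    expected = parse_signature(sig.read_text())
    if not expected:
        return False, "SIGNATURE lists no files"
    for rel, digest in expected.items():
        path = root / rel
        if not path.is_file():
            return False, f"{rel} listed in SIGNATURE but absent"
        if sha1_of(path) != digest:
            return False, f"{rel} does not match SIGNATURE"
    for path in root.rglob("*"):               # files added to the tree are tampering too
        rel = path.relative_to(root).as_posix()
        if path.is_file() and rel != "SIGNATURE" and rel not in expected:
            return False, f"{rel} is not covered by SIGNATURE"
    return True, "ok"

def make_dist(files, sign=True, tamper=None):
    """Build a constructed sample dist in a temp dir. sign=False mimics a
    stripped SIGNATURE; tamper=(name, body) overwrites a file after signing."""
    root = Path(tempfile.mkdtemp())
    for rel, body in files.items():
        (root / rel).write_text(body)
    if sign:
        lines = [f"SHA1 {sha1_of(root / r)} {r}" for r in sorted(files)]
        (root / "SIGNATURE").write_text("\n".join(lines) + "\n")
    if tamper:
        (root / tamper[0]).write_text(tamper[1])
    return str(root)
```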