On Sun, 2003-02-02 at 20:23, Marc G. Fournier wrote:

> right, that is why we started to provide md5 checksums ...

md5 checksums only validate that the intended package (trojaned or
legit) has been properly received.  They offer nothing from a security
perspective unless the checksums have been signed with a key which can
be readily validated from multiple independent sources.

Regards,

-- 
Greg Copeland <[EMAIL PROTECTED]>
Copeland Computer Consulting


---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Reply via email to