Jim Choate writes:

 > No, you don't. Sign the source and binaries.

You trust your secure hash reporting you the truth? Duh.

Reply via email to