Heres my two pence worth of garbage:
1. If each package had a md5sum file, one could verify the space
requirements before installing a package.
2. md5sum files in the package could be signed. (secure)
3. After configuration new md5sums can be generated and signed (for
security)
With signed md5sums and a bootdisk with md5sum, keyring and pgp on it
one can check the system for unallowed alterations. Theres your
security.
What I would like most on md5sum files is that one can tell if a
package would fit before/during installing and that should be
something dpkg or apt should learn.
May the Source be with you.
Goswin
