If this is related to MD5 checksums, they've recently been proven to not be conclusive proof that the content of the file is the same as the checksum, ie two different files can create the same checksum under certain conditions.
Maybe it would be a good idea to add a warning to the <checksum> doc page that MD5 is now widely thought to be weak, and anyone serious about security should consider (at least) SHA-1?
-J.
-- Jesse Glick <mailto:[EMAIL PROTECTED]> x22801 NetBeans, Open APIs <http://www.netbeans.org/>
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
