On Sun, 8 Mar 2009 09:25:19 +0000 Neil Bothwick <n...@digimed.co.uk> wrote:
> Don't redigest a distfile unless you can e 100% certain of its validity. On the other hand, the rule can go like this: Always redigest when downloading from official source, unless you can be 100% sure that you've rsync'ed with the valid (tm) mirror, not some third-party-in-the-middle impersonation or malicious developer contribution. -- Mike Kazantsev // fraggod.net
signature.asc
Description: PGP signature
