On 2005-07-25 12:16, Erik Wikstrvm wrote:
On 2005-07-25 08:41, [EMAIL PROTECTED] wrote:
And yes: Adding another Checksum wouldn't prevent an Attacker to recrete
these files and replace them. But the chance isn't very high that an
attackler could own 3 or 4 different Servers in different networks at the
same time. So every user would be able to compare the Checksums with
checksums stored in a file on another server.
Wouldn't it be easier to just download the MD5-files from more than one
mirror then and compare them? This, of course, requires than the master
site isn't comprimised but othervise I think it's just as good as more
checksums.
Sorry, that was stupid, next time I'll make sure to wake up before
replying.
--
Erik Wikstrvm
