> Conclusion: I think data corruption might be a problem in some cases. > Notice how all Linux distributions include MD5 hashes for all downloads, > so they can be checked on the receiving end?
This is not to detect data corrumption because of data transmission but to detect "man in the middle" attack. MD5 checksum allow the user to check if the data file he downloaded is the same as the data file the developper dropped on the server and was not replaced either on the server or by someone intercepting the communication. In think in the context you mention, MD5 is used for security, no for data integrity. > I decided to implement MD5-based file checking for my downloads > (my application only downloads > stuff from my own site, so I've got everything under my control). I've > done this because I know I've got quite a few clients on very bad > dial-up lines. If I didn't have those clients I would have done no > checking at all. ICS include MD5 support (as well as MD4 and SHA1). The latest beta also support FTP extensions for MD5 checksumming. -- Contribute to the SSL Effort. Visit http://www.overbyte.be/eng/ssl.html -- [EMAIL PROTECTED] http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
