|
From: | Dmitri A. Sergatskov |
Subject: | Re: CGI scripts on www.octave.org broken |
Date: | Wed, 31 Mar 2004 13:45:13 -0700 |
User-agent: | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040115 |
Steve Lipa wrote:
On Mar 31 Dmitri A. Sergatskov (address@hidden) wrote:Perhaps the easiest thing would be providing MD5 signatures of the uploaded files when you announce a new release...This is nice, but it only provides an indication that the file transfer worked properly, which is probably addressed by FTP or whatever protocol
No. It provides a guarantee that the file you downloaded is the same as the file John Eaton had uploaded.
you use to transfer the file. To get real security you need a digital
^^^^^^^^^^^^^^^ "Real security" is a buzzword.
signature. The digital signature is just as easy to produce as the MD5 hash anyway.
When you have everything setup, may be.
Steve
Dmitri.
[Prev in Thread] | Current Thread | [Next in Thread] |