[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Please do not sign MD5SUMS



Hello.

I've noticed that all of the MD5SUMS files are GPG signed.  This is not good
as it breaks md5sum's builtin functionality to check the md5sum of the files
against the md5sums from an existing file (ie. md5sum -c MD5SUMS does not
work).  Also it makes it a little harder to check the sums by other means. 
In my opinion, it would be better if there would be a detached signature to
these files (ie. run gpg --detach-sign --armor MD5SUMS, instead of gpg
--clearsign MD5SUMS).

Thanks,

Alexander Skwar
-- 
How to quote:	http://learn.to/quote (german) http://quote.6x.to (english)
Homepage:	http://www.digitalprojects.com   |   http://www.iso-top.de
   iso-top.de - Die günstige Art an Linux Distributionen zu kommen
		Uptime: 1 day 6 hours 33 minutes



Reply to: