Please do not sign MD5SUMS

To: debian-cd@lists.debian.org
Subject: Please do not sign MD5SUMS
From: Alexander Skwar <ASkwar@DigitalProjects.com>
Date: Sun, 6 May 2001 01:09:04 +0200
Message-id: <[🔎] 20010506010904.P11303@Garten.DigitalProjects.com>

Hello.

I've noticed that all of the MD5SUMS files are GPG signed.  This is not good
as it breaks md5sum's builtin functionality to check the md5sum of the files
against the md5sums from an existing file (ie. md5sum -c MD5SUMS does not
work).  Also it makes it a little harder to check the sums by other means. 
In my opinion, it would be better if there would be a detached signature to
these files (ie. run gpg --detach-sign --armor MD5SUMS, instead of gpg
--clearsign MD5SUMS).

Thanks,

Alexander Skwar
-- 
How to quote:	http://learn.to/quote (german) http://quote.6x.to (english)
Homepage:	http://www.digitalprojects.com   |   http://www.iso-top.de
   iso-top.de - Die günstige Art an Linux Distributionen zu kommen
		Uptime: 1 day 6 hours 33 minutes

Reply to:

Prev by Date: Re: pseudo image kit problems
Next by Date: rsync vs FTP/HTTP
Previous by thread: Re: pseudo image kit problems
Next by thread: rsync vs FTP/HTTP
Index(es):
- Date
- Thread