[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Package Verification



brian white writes ("Package Verification "):
> I'd like to suggest another field to be automatically added to the
> "Packages" files that exist at the top of each hierarchy in the
> distribution.  I'd like to see a "Checksum:" field that can be used to
> verify the correct download of these packages.  I think including both
> an 'md5sum' and a (filesize) would be best as the file size would
> allow a reasonable check on non-Debian systems and the 'md5sum' would
> allow absolute verification before installation.
> 
> Example:
> checksum: d14d384e0895986bc9f2b09f0a8b84fc (295393)
> 
> The reason for this is so programs like 'dftp' can verify that they
> retrieved the packages correctly before attempting to install them.

Eventually dpkg will have its own support for package verification.
Also, the format you propose can't be used as input to `md5sum -c'.

Ian.


Reply to: