Re: packages without .md5sums file?
>>>>> "Adam" == Adam Heath <adam@lapdoog.doogie.brainfood.com> writes:
Adam> On Sat, 28 Jul 2001, Marcus Brinkmann wrote:
>> In contrast, if the md5sums are stored in the package on CD,
>> verification is easy: You just need to boot from the (trusted)
>> CD, and kick off the comparison with the CD content. It is
>> easier to trust a list of checksums mirrored world wide and
>> verified by many users than to trust a list which is generated
>> by the system you want to verify.
Adam> Boot from said trusted CD, run said trusted dpkg, to
Adam> calculate the md5sums of the files.
Which requires scanning each and every *.deb file, in order to
calculate the expected checksums of each individual file. What is the
performance lost here?
--
Brian May <bam@debian.org>
Reply to: