httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dirk.vanGulik" <Dirk.vanGu...@jrc.it>
Subject Re: [STATUS] 1.2.1
Date Thu, 03 Jul 1997 16:54:54 GMT

> > > > > Yes, but so what? The user simply uncompresses/ungzips and then checks
the
> > > > > signature.
> > > > > 
> > > > 
> > > > I'm just thinking of saving them that extra step. No big deal.
> > > > 
> > > And one could argue of cource that since the compressed file has
> > > higher information density; the quality of the checksum is of 
> > > course higher :-) So a fundamentalist might insist on only
> > > signing the gzipped file :-)
> > > 
> > > Dw.
> > 
> > Which is exactly why I signed the compressed files the first time 
> > around. *shrug*
> 
> Phooey. There's no more information in the compressed file than in the
> uncompressed one. I trust Dirk was joking.

Well I was trying to stir things up; and I cannot care wee bit wether
the things is md5-ed in either form; it is safe enough for its purpose. 

But I do think that a higher information content per block-size does give 
a fundamentally at least as good or a stronger signature. Of course the 
total info contents is the same; thus for the 'perfect' signature algo
it would not make a diference; however most are a certain repeating
block element. (Althoug again the perfect stream cypher would not care :-)

:-)

Dw.


Mime
View raw message