httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <>
Subject Re: 1.2.1
Date Sun, 06 Jul 1997 17:06:08 GMT
On Sun, 6 Jul 1997, Ben Laurie wrote:

> Randy Terbush wrote:
> > I agree that md5 is probably sufficient for our purposes. 
> > Perhaps the crypto-heads can convince me of the advantages of using 
> > PGP.
> It allows people to check for tampered-with source on mirrors.

md5 lets you do that too, and is the main reason I would use it if I were
a user.

Get the md5 hash from the main site, get the tarball from a closer mirror,
compare the hashes.  Much easier for me on OSes with md5 already installed
than installing pgp, getting the keys, etc, etc. 

View raw message