8 Jan
2007
8 Jan
'07
13:06
On Tue, 19 Dec 2006, Carlos E. R. wrote:
The "snag" is that checking both checksum and signature doubles checking time. I suppose that the user could select which one to use, same as rpm does, having both systems too, if I'm not mistaken.
A cryptographic signature should detect data corruption as well as a checksum -- after all it needs to detect willful tampering, not just technical corruption. So that should suffice, shouldn't it? Gerald --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-project+help@opensuse.org