Greetings all, http://en.opensuse.org/SDB:Check_the_validity_of_a_SUSE_RPM_or_ISO_file implies that there should be .iso.asc signatures for each iso file. However, I cannot find these for 10.3, indeed google cannot find any for newer than early 9.x. Are these signatures available? And if so where? Or is there a signed version of hashes? I see there is a content and content.asc on the media which can presumably be used to verify the boot image is correct, but I fear it is still potentially possible to generate an image with malicious bootloader and the same md5sum. _ Benjamin Weber --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org