[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Should OpenBSD sign its releases?

On Wed, Jun 02, 2004 at 07:09:57AM -0700, Tim Freeman wrote:
> I had hoped to find a cryptographic signature on the MD5 checksums at
>    ftp://mirror.cs.wisc.edu/pub/mirrors/OpenBSD/3.5/i386/MD5
> but no such luck.  Without these signatures, it's conceivable that
> someone corrupted the archive and updated the MD5's to match.  Is
> there a reason not to sign OpenBSD releases?

Basicly protection of OpenBSD CD sales.
Exit! Stage Left!