Re: [kernel.org] md5 for verifying downloads of kernel [right post]
From: Xan
Date: Tue Apr 06 2004 - 03:30:30 EST
Dimarts 06 Abril 2004 03:52, en/na Mark Hahn (<Mark Hahn
<hahn@xxxxxxxxxxxxxxxxxxx>>) va escriure:
> > Is it possible to put in webpage and in ftp a link and a file,
> > respectively, of the md5 sums (or any other checking file program) of all
> > kernel files?.
>
> why are you not satisfied with the current GnuPG signatures on
> kernel tars and patch files?
>
> ie
> ftp://ftp.kernel.org/pub/linux/kernel/v2.6/linux-2.6.1.tar.gz.sign
>
> > With this, anyone could see if the downloaded kernel file (usually more
> > than 30MB) is well-downloaded.
>
> indeed, tars and patches have been signed for a long time.
Okay. I did not know that. Now I satisfied ;-). But, I think a "miss": the
webmaster of kernel.org could link the signature of all kernel files (?).
That is, could we have got something like:
The latest stable version of the Linux kernel is: 2.6.5 2004-04-04 04:17
UTC F V VI C Changelog SIGN
where SIGN links to 2.6.5 signature?
Sorry, but I think that the reference to signature page in kernel.org is not
of all visible. It's in a more low possition, I think.
Sorry for ask that,
Xan.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/