5 Jul
2007
5 Jul
'07
10:20 p.m.
On Thu, Jul 05, 2007 at 02:06:09PM -0700, Jason Chu wrote:
I was the main person pushing for this and it was mostly for the malicious downloads.
It's not the package downloading that I was worried about as much as the source tarballs. We use md5sums to make sure that the tarball we downloaded building the package is the same as the tarball that the developer used when they built the package. If someone gets access to the upstream's server, we're using the md5sum to trust files over time.
Oh I see. But what I am really wondering is why combining two existing algorithms that have flaws instead of using one for which no flaw has been found yet ? Isn't it both less secure and more complicated ?