From owner-freebsd-doc Mon Jan 20 9:57:37 2003
To: Udo Erdelhoff
Cc: freebsd-doc@freebsd.org, freebsd-security@freebsd.org
Subject: Re: Putting MD5 checksums on the web site
References: <20030120065252.GB173@nathan.ruhr.de>
From: swear@attbi.com (Gary W. Swearingen)
Date: 20 Jan 2003 09:55:56 -0800
In-Reply-To: <20030120065252.GB173@nathan.ruhr.de>

Udo Erdelhoff writes:

> Hi,
> some time ago, Bruce added the MD5 checksums for the 4.7 ISOs to
> the release notes website (www/en/releases/4.7R/CHECKSUM-i386.MD5
> in the CVS repository). I think this is a good idea that should
> be repeated for 5.0. I could assemble the file easily enough from
> the various CHECKSUM.MD5 files for the different platforms by
> sampling the mirrors.

I was about to say GREAT IDEA, because my practice has been to get an
ISO from one mirror and its MD5 from a different mirror. It would be
even better to get the MD5s from a real, non-mirror freebsd.org server,
if there is such a beast.

But the extra security step could be rendered worthless if you happen to
get the "official" MD5 from the same mirror I get my ISO from (so they
could both be tampered versions), as I infer from the last quoted line.
I hope I've misunderstood something.

The PGP thing might eliminate this worry for the few who have taken the
time to learn and configure PGP tools, but it would be good to consider
the many more of us who haven't (and won't).
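
The cross-source check discussed in this message, as an added example that is not part of the original e-mail or of any FreeBSD tooling: an image is accepted only when a matching checksum came from a host other than the one that served the image. The host names, the file name, the sample bytes and the result labels are constructed for illustration.

```python
import hashlib
import hmac
import io
import re

# BSD-style checksum line, the format of the CHECKSUM.MD5 files in the thread.
LINE = re.compile(r"^MD5 \(([^)]+)\) = ([0-9a-fA-F]{32})$")

def parse_checksums(text):
    """Map file name -> lowercase hex digest for every well-formed line."""
    return {m[1]: m[2].lower()
            for m in (LINE.match(l.strip()) for l in text.splitlines()) if m}

def md5_stream(stream, chunk=1 << 20):
    """Hash in chunks so a full ISO never has to fit in memory."""
    h = hashlib.md5()
    for block in iter(lambda: stream.read(chunk), b""):
        h.update(block)
    return h.hexdigest()

def verify(name, stream, image_origin, checksum_sources):
    """checksum_sources maps origin host -> text of its checksum file.

    Returns 'sources-disagree', 'mismatch', 'no-independent-source' or 'ok'.
    """
    actual = md5_stream(stream)
    listed = {host: parse_checksums(text).get(name)
              for host, text in checksum_sources.items()}
    listed = {h: d for h, d in listed.items() if d}
    if len(set(listed.values())) > 1:
        return "sources-disagree"
    if not all(hmac.compare_digest(actual, d) for d in listed.values()):
        return "mismatch"
    # A digest fetched from the host that served the image proves nothing
    # about tampering on that host: both files could have been replaced.
    independent = [h for h in listed if h != image_origin]
    return "ok" if independent else "no-independent-source"

if __name__ == "__main__":
    image = b"constructed stand-in for an ISO image"  # constructed sample
    good = "MD5 (disc1.iso) = %s\n" % hashlib.md5(image).hexdigest()
    for sources in ({"mirror-a.example": good},
                    {"mirror-a.example": good, "mirror-b.example": good}):
        print(verify("disc1.iso", io.BytesIO(image),
                     "mirror-a.example", sources))
```

A checksum that matches but was fetched only from the image's own mirror is reported separately from a verified one, which is the distinction the message draws.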