Community
Participate
Working Groups
The downloads pages currently include MD5 checksums for the downloads. However, with the recent attacks against MD5, this is no longer a good guarantee that the download has not been replaced with a trojan horse. Adding another checksum (e.g. SHA-1) *in addition* to the MD5 checksum will vastly increase the reliability of the guarantee (it is very difficult to have a trojan horse that can simultaneously match both MD5 and SHA-1 checksums). Using SHA-1 *instead* of MD5 is not sufficient, since there are also attacks on this algorithm.
Reassigning to Platform Releng. They own the platform download pages. D.
Hi Haytham, When you have finished the other bugs, could you take a look at this one? thanks :-)
Haytham fixed this, I merged his changes into HEAD for 3.3 builds.