From mboxrd@z Thu Jan 1 00:00:00 1970 Content-Type: text/plain; charset="iso-8859-1" From: Bill Laut To: Subject: Re: Verify the integrity of downloaded archives Date: Thu, 6 Nov 2003 01:11:16 -0500 References: <000001c3a3db$2dad18f0$02000a0a@lady> In-Reply-To: <000001c3a3db$2dad18f0$02000a0a@lady> MIME-Version: 1.0 Message-Id: <200311060111.16197.wlsel@verizon.net> Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov While I'd love to meet a hacker who could successfully break into the NSA's website to install a Trojan (;-), Oliver does bring up a good point. As SELinux gains a wider audience it would be reasonable to anticipate the distro eventually getting mirrored at other sites. Since the use of digital signatures as an integrity-check is now commonplace within the Linux community, would it be reasonable to start posting signatures on the NSA website? Bill On Wednesday 05 November 2003 03:26 pm, sMoTo wrote: > Hello, > > how can I verify the integrity of the archives offered on the project > page? Is there any possibility? How can I be sure not to work with > corrupted data? > > Best regards. > > ### Oliver Fritz > ### Singerstrasse 80 > ### 10243 Berlin -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.