|
From: | John Arbash Meinel |
Subject: | Re: [Gnu-arch-users] Re: MD5 is broken |
Date: | Wed, 16 Mar 2005 09:16:08 -0600 |
User-agent: | Mozilla Thunderbird 1.0 (Macintosh/20041206) |
Adrian Irving-Beer wrote:
On Wed, Mar 16, 2005 at 02:49:37PM +0100, Matthieu Moy wrote:By the way, why doesn't arch just sign the .tar.gz instead of signing a hash of this .tar.gz ?Presumably since it also wants to sign the log file, but avoid a detached signature for every file (ugly).
Why not put both detached signatures into the checksum file? John =:->
signature.asc
Description: OpenPGP digital signature
[Prev in Thread] | Current Thread | [Next in Thread] |