Re: Fedora 8 torrents aren't signed!?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora <fedora-list@xxxxxxxxxx>
Subject: Re: Fedora 8 torrents aren't signed!?
From: Björn Persson <listor3.rombobeorn@xxxxxxxxxx>
Date: Mon, 12 Nov 2007 03:14:32 +0100
In-reply-to: <4736745D.8010706@xxxxxxxxxxxxxxxxx>
References: <200711090904.25111@xxxxxxxxxxxxxxxxxxxxxxxx> <Pine.LNX.4.64.0711102214570.18792@xxxxxxxxxxxxxxxxxxx> <4736745D.8010706@xxxxxxxxxxxxxxxxx>
Reply-to: For users of Fedora <fedora-list@xxxxxxxxxx>
User-agent: KMail/1.9.6 (enterprise 0.20070907.709405)

söndagen den 11 november 2007 skrev Rahul Sundaram:
> http://fedoraproject.org/verify is up. Would be added to the download
> page soon.

That page says, quite correctly, that the downloaded file should be verified 
for security and integrity. Then it says that if the file was downloaded via 
Bitorrent it has already been verified. Is that really so? As far as I know 
Bittorrent verifies for integrity but not for security – that is, it guards 
against errors in the download process but not against a maliciously modified 
torrent. Does Bittorrent verify some cryptographic signature that I don't 
know about?

Björn Persson

Follow-Ups:
- Re: Fedora 8 torrents aren't signed!?
  - From: Bruno Wolff III

References:
- Fedora 8 torrents aren't signed!?
  - From: Björn Persson
- Re: Fedora 8 torrents aren't signed!?
  - From: D. Hugh Redelmeier
- Re: Fedora 8 torrents aren't signed!?
  - From: Rahul Sundaram

Prev by Date: Re: Amarok and taglib
Next by Date: Re: USB flash drive become read-only
Previous by thread: Re: Fedora 8 torrents aren't signed!?
Next by thread: Re: Fedora 8 torrents aren't signed!?
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]