Re: ISO download very failed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 06/10/2009 05:48 PM, Kevin J. Cummings wrote:
> Steve Searle wrote:

>> I thought torrents were self checking, so does this mean their is an
>> invalid iso image out there, and do I need to download it again?
> 
> The torrents are self checking, but I'm not sure what they check
> (md5sum, sha1sum, or sha256sum).  That's why a CHECKSUM file is included
> with the torrents.

The bittorrent protocol checks that what you download isn't physically
corrupted, nothing more.  Hence, if someone relabels a hacked ISO file
as Fedora-11-i386-DVD.iso, and it's downloaded via BT, you're guaranteed
to get the exact same hacked ISO that was posted.

If one wants to make sure that the contents actually came from Fedora
Project, on the other hand, that requires checking that the sha256sum
agrees with that in a CHECKSUM file with a good signature from Fedora
Project (done using gpg --verify).

Which torrent was this downloaded from?  Normally, if the contents are
bad, the comments will root it out pretty quickly.


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux