Hi,

Antoine Beaupré wrote:
> Severity set to 'grave' from 'normal'

This is really overdone. See jigdo as a peculiar way of downloading the ISO
with an MD5 check where e.g. wget has none at all. And as said, for now jigdo
seems indispensable for the fat ISO sets.

> If the ISO image generation is broken, it should be fixed.

My bug report does not say that ISO production is broken or that jigdo is the
reason for any of the checksums in the package management. I doubt both
theories.

> In the meantime, I think it's perfectly acceptable to remove MD5sums
> from the archive, at the cost of breaking jigdo.

I agree to this plan, if you afterwards verify that debian-cd can still produce
a pair of .jigdo and .template which jigdo-lite can then use to create the
identical ISO with the help of a package mirror. I place my bet on no problems,
but I may be wrong.

> Or, to put it another way, it's completely unacceptable that jigdo uses
> MD5 to authenticate checksums,

It does so for cross-table key matching, where MD5 suffices by all means of
hash table theory. It does so for verifying internally what can be verified
externally by the best means which Debian offers for its ISOs.

I advise to do the external check of .jigdo and .template before the run of
jigdo-lite and the external check of .iso afterwards. There is bug #887837
where I propose to add a reminder message at the end of the jigdo-lite run.

Debian could really need an end-user comprehensible description of the
credible verification from GPG to SHA512 to ISO. This is completely
independent of jigdo and applies to all download methods for ISOs.

Have a nice day :)

Thomas
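The external verification chain described in the message above (GPG signature over SHA512SUMS, then SHA512SUMS over the .jigdo and .template before jigdo-lite runs, and over the finished .iso afterwards), written out as a POSIX shell script. This is an added example and not code from the bug thread, from jigdo or from debian-cd. It assumes SHA512SUMS and SHA512SUMS.sign have been downloaded next to the files being checked and that the Debian CD signing key is already in the local GnuPG keyring; no key ID or fingerprint is hard-coded, and the file names used in the comments are placeholders.

```shell
#!/bin/sh
# Added example, not part of the bug thread or of jigdo/debian-cd.
# Verification chain: GPG signature -> SHA512SUMS -> downloaded file.
# Assumptions: SHA512SUMS and SHA512SUMS.sign sit next to the files to check,
# and the Debian CD signing key is already in the local gpg keyring.
set -u

# Hex SHA-512 of a file; falls back to shasum where coreutils is absent.
sha512_of() {
    if command -v sha512sum >/dev/null 2>&1; then
        sha512sum "$1" | awk '{print $1}'
    else
        shasum -a 512 "$1" | awk '{print $1}'
    fi
}

# Step 1: the detached signature over the checksum list. Without this step a
# SHA512SUMS fetched from a mirror proves nothing: whoever can swap the ISO on
# the mirror can swap the unsigned checksum file as well.
verify_sums_signature() {
    sums="$1"
    gpg --verify "$sums.sign" "$sums"
}

# Step 2: one file against the signed list.
# Exit status: 0 match, 1 mismatch, 2 file not listed. An unlisted file has
# not been verified at all, so the caller treats 2 as a failure too.
verify_file_against_sums() {
    sums="$1"
    file="$2"
    name=$(basename "$file")
    # Lines look like "<hex>  <name>"; sha512sum -b writes "<hex> *<name>".
    expected=$(awk -v n="$name" '$2 == n || $2 == ("*" n) { print $1; exit }' "$sums")
    [ -n "$expected" ] || return 2
    actual=$(sha512_of "$file")
    [ "$actual" = "$expected" ]
}

# Whole chain for any number of files, e.g. the .jigdo and .template before
# jigdo-lite is run, or the .iso it produced afterwards.
verify_download() {
    sums="$1"
    shift
    if ! verify_sums_signature "$sums"; then
        echo "FAIL: signature on $sums did not verify" >&2
        return 1
    fi
    for f in "$@"; do
        rc=0
        verify_file_against_sums "$sums" "$f" || rc=$?
        case $rc in
            0) echo "OK: $f" ;;
            2) echo "FAIL: $f is not listed in $sums" >&2; return 1 ;;
            *) echo "FAIL: SHA-512 mismatch for $f" >&2; return 1 ;;
        esac
    done
}

# Usage: verify-download.sh SHA512SUMS file [file ...]
# e.g. verify-download.sh SHA512SUMS debian-X.Y.Z-amd64-DVD-1.jigdo \
#                                    debian-X.Y.Z-amd64-DVD-1.template
if [ "$#" -ge 2 ]; then
    verify_download "$@"
fi
```

The order matters: the signature is checked first because SHA512SUMS only becomes a trust anchor once it is known to come from the Debian CD signing key; after that, the per-file check does no more than compare a locally computed SHA-512 with the signed value, which is exactly the external check jigdo-lite cannot substitute for with its internal MD5 matching.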

