Tom Horsley wrote:
I doubt it. They are normally just part of the DVD image, and so
are checked as part of the whole DVD. Probably no one has ever
thought to provide individual checksums for those files.

It's worse. Even boot.iso lacks its (signed) checksum as far as I can see. So if you want vmlinuz and initrd.img safe, you have to download ca. 700 MB.

Moreover: listing key IDs here: http://fedoraproject.org/en/verify is not enough, I think. The standard is to list key fingerprints.

Paul W. Frields wrote:
Having said that, I ran these against sha256sum for you:

Fedora 10 i386 DVD:
-------------------
d4d48f5f976dbea7d777842b33c416a82566522026f335e5995ac336c0af0377  
/isolinux/vmlinuz
90ede287e8d7db62bf1c9f544c195d246a343d4779f935ea1cf682b4bc385587  
/isolinux/initrd.img

Fedora 10 x86_64 DVD:
---------------------
d058a0e253c1c2e25984bbc897a144515f6d3df9bf568cab52a98289ee4d4852  
/isolinux/vmlinuz
c7571e87d5ea9946bda7b341091c823cc21b85aae36afa91f61169e27dc18eab  
/isolinux/initrd.img

Thanks, they match! :-) (i386)

STF

=======================================================================
http://eisenbits.homelinux.net/~stf/
OpenPGP: 9D25 3D89 75F1 DF1D F434  25D7 E87F A1B9 B80F 8062
=======================================================================

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

Reply via email to