Dear List, Could anyone kindly tell me where I can find any digital signatures that belong to the SHA1SUM or other hashes of the downloadable .iso files (installer and live ISO)?
Since the ISO files have to be downloaded through an unencrypted FTP or HTTP connection along with their hash files, both could easily be manipulated and changed on the way to the user's machine. What am I missing here? Thanks!
