I thought the checksums were just for checking against corrupt bits in the
communication, not a security feature.
- henrik
19 sep 2012 kl. 09:39 skrev Glyn Normington :
> A user has pointed out that checksums downloaded over HTTP do not really add
> any security since a man-in-the-middle could
A user has pointed out that checksums downloaded over HTTP do not really add
any security since a man-in-the-middle could substitute a checksum to match a
substituted download. So why do we bother having these checksums? Would it be
better to enable the checksums to be downloaded over https or d
