: It _is_ a valid concern in general (I would never use md5 as a
: cryptographic hash, e.g., for passwords), but significantly less of a
: concern for this use.  The most important role of the hash is to
: ensure no corruption occurred during transfer.

Bingo:  We checksum the files with MD5, we sign the files with GPG



-Hoss

Reply via email to