I think you are missing two very important points that are addressed in the official documentation and have been pointed out to you by other respondents:
1. what you are asking for provides NO real added security, and perhaps just the opposite through FALSE SENSE of security, and 2. the fact that other projects choose to offer such ineffective "solutions" does not mean that it is the right thing to do -- and OpenBSD is notorious for doing The Right Thing(TM) however unpopular that may be. P.S. (to regulars and "moderators") Does this discussion really belong on tech or is this more in line with misc@ noise? On 11 Sep 2013 at 20:53, Valentin Zagura wrote: > I don't think I'm more paranoid than the average considering that Debian > has a way to do this (http://www.debian.org/CD/verify), fedora has a way > to do this (https://fedoraproject.org/verify), even Freebsd has a way to > do this ( https://www.freebsd.org/releases/9.1R/announce.html). > > The thought of being more paranoid than an OpenBSD guy is not very > comfortable :) > > > On Wed, Sep 11, 2013 at 8:13 PM, Daniel Bolgheroni > <dan...@bolgh.eng.br>wrote: > > > On Wed, Sep 11, 2013 at 03:17:20PM +0300, Valentin Zagura wrote: > > > Yes, we know, but that file can also be easily compromised if it's > > > not available for download with a secure protocol (HTTPS) > > > > If you're paranoid, build your own hardware from the ground up, > > including designing your own CPU and complementary circuits, download > > all the sources, audit them all, compile and then run. > > > > You can't be fooled by wrong measurements of security. > > >
