Foiling MITM attacks on source and ports trees

[Wojciech Puchar]

> It's a beginning for sure. I assume (403 error) Max generates and
> saves digests on his snapshots and the verification script does the
> same locally and simply compares both lists.
>
it's plain paranoia. Yes such attacks are possible but usually there 100 
other ways to compromise Your systems.

if one really care then make your VPN for all your computers, use one that 
is unknown for others to download portsnap etc. and then use rsync to 
populate it to other machines.