Cryptografically signed ISO images
Kent Kuriyama
kent.kuriyama at gmail.com
Sun Mar 2 18:52:57 UTC 2014
Elias, If the use of SHA-2 hashes don't provide enough assurance that the
ISO images are authentic can you explain the crypto technology that you are
looking for? Digitally signatures would enable one to verify that the
published hashes are indeed from a trusted source - Is that what you are
seeking?
On Sun, Mar 2, 2014 at 8:38 AM, Elias Diem <lists at webconect.ch> wrote:
> On 2014-03-02, Anton Sayetsky wrote:
>
> > Partly.
> >
> > http://en.wikipedia.org/wiki/SHA-2
> > > SHA-2 is a set of cryptographic hash functions (SHA-224, SHA-256,
> SHA-384, SHA-512, SHA-512/224, SHA-512/256) designed by the U.S. National
> Security Agency (NSA) and published in 2001 by the NIST as a U.S. Federal
> Information Processing Standard (FIPS).
>
> Ah well, I was looking for a signature (like PGP or
> something).
>
> I therefore assume that there are no crypto signatures,
> "only" checksums.
>
> > I forgot to say that checksums are also present in all release
> announcements.
>
> That might help a bit.
>
> --
> Greetings
> Elias
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list