blymn@baea.com.au (Brett Lymn) writes:

> Maybe I am being a bit simplistic here but isn't the MD5 signatures
> available from the ftp server good enough to assure some level of
> trust that the distribution has not been tampered with?

In my opinion, no.  They are a nice "did this download correctly"
checksum, but I'd not consider them any form of secure.

Now, if those files were PGP signed, sure.

> (yes,
> assuming the files has not been tampered with on the ftp server) Or
> are you suggesting a service should be set up where the signatures can
> be encrypted with a public key and forwarded to the requestor for
> decryption?

Not really, no...

> What I was looking to do was to plug some of the standard script
> kiddie tricks such as loading trojan horses (can be fixed with
> immutable) and running network sniffers.  I believed that having a
> validation of the TCB via a cryptographically strong method (I believe
> md5 is one) was a nicety - saves running tripwire or the like over the
> binaries since they are handled automatically.

Yes, this is true.

--Michael