Closed niclaslindstedt closed 3 years ago
Instead of doing hashes, it would be good to use GnuPG to produce signatures.
Of course, using SFV checksums should still be possible for systems where attacks are very unlikely, since creating signatures requires that the user provide a GPG key.
I've landed on producing signatures of the SFV files instead. It's quicker and will be much faster to verify.