[darcs-users] Data Integrity

Daniel Carrera daniel.carrera at theingots.org
Sun Apr 12 20:42:53 UTC 2009


Dan Pascu wrote:
> If integrity is all that matters a simple digest algorithm like md5/sha 
> would be enough to validate if a patch was not altered. GPG is not 
> necessary unless you also want to also do authentication.

A simple hash would be a good step, and personally I think that GPG is 
too "heavy" for what the features I'm talking about. I do want to see 
signed patches, but you can go for something much lighter than GPG.

Daniel.


More information about the darcs-users mailing list