On Sat 2018-01-20 14:10:28 +0100, Thomas Schmitt wrote: > as described in > https://lists.debian.org/debian-cd/2018/01/msg00021.html > jigdo-file verifies the .template file and the resulting ISO image only > by MD5 checksums which stem from the .jigdo or from the .template file. > The .jigdo file is not verified at all. > > Both issues have own bug reports (#887831 and #887830). This one proposes > a preliminary fix by simply telling the user that it's not safe yet. > > The final message after the MD5 check of the finished ISO image is > overly affirmative: > "OK: Checksums match, image is good!" > It stems from jigdo-file and it might be used by automated callers of > jigdo-lite as indication of successful download. > > But after this message, jigdo-lite could point to the advised verification > by GPG and a more secure checksum type like SHA512.
Please let's not ask the user to do something that the software can do
automatically for them. If the user used jigdo, and the author(s) of
jigdo know how to do the appropriate checks, then jigdo should just do
the checks and report the result, not tell users how to do the checks
and expect them to actually follow through. We know in practice that
won't happen.
Let's make our tools usable.
--dkg
signature.asc
Description: PGP signature
