[Stackless] MD5 checksums for gzipped tarballs?

Richard Tew richard.m.tew at gmail.com
Fri Nov 2 12:06:45 CET 2007


On 11/2/07, Christian Tismer <tismer at stackless.com> wrote:
> No idea if my helpers are ready to do that, right now.
> If not, would you mind to get a Starship account?
> You can do everything you like from there.
>
> On the other hand, the whole Stackless stuff is hosted
> by python.org.
> What is the point of providing md5 sums?
> Is python.org not treated as a trustable source?

I have generated the MD5 self-checking Python scripts for all
downloads from stackless.com.

Perhaps it would be an idea to check in the MD5 checksums for the
downloads into the python.org SVN?  Or do we have somewhere more
appropriate?  In order to prevent the compromising of the checksums,
should the downloads themselves be compromised somehow.

Cheers,
Richard.




More information about the Stackless mailing list