Re: your mail

[cklaus () shadow net (Christopher Klaus)]

> From: Paul Robinson <PAUL () TDR COM>
> Organization: Tansin A. Darcos & Company, Silver Spring, MD USA
> -----
> Brent Chapman <brent () greatcircle com>, writes:
>
> > The problem is, how would the Archie servers determine the 
> > checksums?  The Archie servers don't download all the files; they 
> > merely connect to each FTP server and get a recursive directory 
> > listing, which they then massage into their database.  To get the 
> > checksums, they'd either have to download every file (very 
> > impractical, given the amount of stuff out there), or get the checksum 
> > info from the FTP server they're talking to.  There's currently no 
> > standard way (hell, there's not even any reasonably COMMON way) to get 
> > checksum info from FTP servers. 
>
> Which brings up another question: WHICH checksum do they use?  
>
> Most useful, say, for MSDOS clients would be the CRC-32 checksum which is
> used by Zmodem and PKZIP, and a file stored in a Zip archive, if checked
> on a file, would match.
>
> On a Unix site, the two-word result from 'sum' would be appropriate and 
> most useful.

No way.  sum is easily changed to any value you want.  i suggest something
as strong as md5.





> For other places, MD5 would be better and provides a stronger check than 
> CRC-32.  
>
> So which do you use, and how do you know which of these you are getting?
> And how do we get a CRC request added to the list of FTP commands, or
> the data supplied from them?
>
> ---
> Paul Robinson - Paul () TDR COM
> Voted "Largest Polluter of the (IETF) list" by Randy Bush <randy () psg com>
> -----
> The following Automatic Fortune Cookie was selected only for this message:
>
>       Lassie looked brilliant, in part because the farm family she
> lived with was made up of idiots.  Remember?  One of them was always
> getting pinned under the tractor, and Lassie was always rushing back to
> the farmhouse to alert the other ones.  She'd whimper and tug at their
> sleeves, and they'd always waste precious minutes saying things: "Do
> you think something's wrong?  Do you think she wants us to follow her?
> What is it, girl?", etc., as if this had never happened before, instead
> of every week.  What with all the time these people spent pinned under
> the tractor, I don't see how they managed to grow any crops
> whatsoever.  They probably got by on federal crop supports, which
> Lassie filed the applications for.
>               -- Dave Barry


-- 
Christopher William Klaus  <cklaus () shadow net>  <iss () shadow net>
Internet Security Systems, Inc.   
2209 Summit Place Drive,Dunwoody 
GA 30350-2430. (404)998-5871.