Bugtraq mailing list archives

Re: your mail


From: jmm () elegant com (John Macdonald)
Date: Mon, 16 May 1994 11:37:07 -0400


smb () research att com wrote :
|| 
|| Neither sum nor crc-32 are worth the bits they're stored in, for
|| this purpose; both are easy to spoof.  If you're going to do it,
|| do it right:  md5.

Agreed.

|| Not that I'm convinced it's a good idea.  If an ftp site is compromised,
|| its ls-lR file and/or its ls command are likely to be dead meat
|| (dead silicon?) as well.  There's also the problem of different
|| versions, .Z vs .gz, etc.

There is one advantage in doing this sort of thing.  There is
a powerful security advantage in having many off-site copies
of the ls-lR+hash file.  It is *really* hard for a cracker
to spoof a change to an existing file - they have to keep the
date and hash values the same in the ls-lR file (or else
all of the myriad archie servers will note that things have
changed and possibly alert the community and it would be *really*
hard to crack all of the archie servers at the same time as the
original site).  If the cracker instead tries to leave the ls-lR
files looking as if nothing has happened (which means that the
hash value must be left unchanged) then the first time that
someone tries to validate the hash (either someone who has
downloaded the file, or an automatic validation process on the
same ftp site or a mirror that decides to re-validate for some
reason) it will be detected.

The different versions issue is a significant one (think about
the variations in terms of mail/news headers that might be
retained from the transfer of the file to the ftp site - that
certainly would be the case for news source group archives).
-- 
That is 27 years ago, or about half an eternity in | John Macdonald
    computer years.        - Alan Tibbetts         |   jmm () Elegant COM
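
The two detection paths described in the message above, as an added example that is not part of the original post: a listing edited to match a changed file disagrees with off-site copies, and an untouched listing fails re-validation of the file. The "path date hash" line format, file names and contents are constructed for illustration, and SHA-256 stands in for the md5 suggested in the thread.

```python
import hashlib

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def make_listing(files, dates):
    # Hypothetical "path date hash" line format standing in for ls-lR+hash.
    return "\n".join(f"{p} {dates[p]} {digest(files[p])}" for p in sorted(files))

def parse_listing(text):
    entries = {}
    for line in text.strip().splitlines():
        path, date, file_hash = line.split()
        entries[path] = (date, file_hash)
    return entries

def audit(offsite, current, served):
    """Compare a mirror's saved listing with the site's current listing and files."""
    findings = []
    for path in sorted(set(offsite) | set(current)):
        if path not in current:
            findings.append((path, "removed-from-listing"))
        elif path not in offsite:
            findings.append((path, "new-in-listing"))
        elif current[path] != offsite[path]:
            # Listing was edited to match a changed file: off-site copies disagree.
            findings.append((path, "listing-changed"))
        elif path not in served:
            findings.append((path, "file-missing"))
        elif digest(served[path]) != offsite[path][1]:
            # Listing left untouched: re-validating the file exposes the change.
            findings.append((path, "content-mismatch"))
    return findings

# Constructed sample data (not from the original message).
DATES = {"pub/a.tar": "1994-05-01", "pub/b.tar": "1994-05-02", "pub/c.tar": "1994-05-03"}
ORIGINAL = {"pub/a.tar": b"tool a v1", "pub/b.tar": b"tool b v1", "pub/c.tar": b"tool c v1"}
OFFSITE = parse_listing(make_listing(ORIGINAL, DATES))

# Case 1: a.tar replaced and the listing regenerated to match.
# Case 2: b.tar replaced while the listing entry is left as it was.
SERVED = dict(ORIGINAL, **{"pub/a.tar": b"tool a modified", "pub/b.tar": b"tool b modified"})
CURRENT = dict(OFFSITE)
CURRENT["pub/a.tar"] = ("1994-05-10", digest(SERVED["pub/a.tar"]))

if __name__ == "__main__":
    for path, finding in audit(OFFSITE, CURRENT, SERVED):
        print(f"{finding:18} {path}")
```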


