[Lists] [Configure] [<<] [<] [by Thread] [by Date] [>] [>>] [Months] [Search] [eSubscribe] News Feed

discuss: TLDP and the Commercial World

Previous by date: 4 Mar 2005 12:00:31 -0000 Re: Volonteer lacks or(inc) TLDP on the turn ?, Rahul Sundaram
Next by date: 4 Mar 2005 12:00:31 -0000 Re: TLDP and the Commercial World, Rahul Sundaram
Previous in thread: 4 Mar 2005 12:00:31 -0000 Re: TLDP and the Commercial World, Rahul Sundaram
Next in thread: 4 Mar 2005 12:00:31 -0000 Re: TLDP and the Commercial World, Rahul Sundaram
Subject: Re: TLDP and the Commercial World
From: "Bas v.d. Wiel" ####@####.####
Date: 4 Mar 2005 12:00:31 -0000
Message-Id: <42284DC5.2020303@extranet.kompas-media.nl> 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Rahul Sundaram wrote:

| Hi
|
|> Would cryptographically signing the source files (and possibly
|> other single-file formats like pdf or html-single page) perhaps
|> provide a solution to provide an authenticity check instead of a
|> trivially duplicated logo? It doesn't need to be full-blown
|> cryptography involving elaborate keys. A relatively simple hash
|> function like md5 will do as a rudimentary signature.
|
|
| thats adds a whole lot of complications. users need md5sum tools to
| verify the integrity. In contrast a logo licensed for use only if
| the original isnt modified is simple to implement. Ascii text docs
| are rarely used compared to html versions. ascii text docs can have
| ascii logos and a link to an explanation as I have mentioned in a
| previous mail. what exactly is the problem in doing this?
|
|
|
| ===== Regards Rahul Sundaram
|
|
|   __________________________________ Celebrate Yahoo!'s 10th
| Birthday! Yahoo! Netrospective: 100 Moments of the Web
| http://birthday.yahoo.com/netrospective/

I don't see a problem in a logo per se. On the contrary, it's a very
sound idea. It's just that hash functions were made to verify
authenticity of a string of data and I thought: why not use them? It's
quite easy to put up a small web form where anyone who is in doubt
about the authenticity of the file they received can simply upload
their file (they're not that huge) and have it checked against a
database of automatically generated MD5 sums of  our archives. We
might even be able to use JavaScript to hash the file client side, to
save bandwidth. The biggest problem in this case would be generating
the MD5's of all files available. It's quite dummy-proof from the end
user perspective and might be useful in addition to a logo. I'd be
happy to write the necessary PHP for such functionality after I'm done
reviewing the Linux Mobile Guide.

Bas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCKE3FjsOWd4ShSbERAt+JAJ9NcFPFD+o+uikOuCBv5f9gLzdiUwCfVl9v
zy/5z+uGSdD4uS1mHMeDJTY=
=YG3D
-----END PGP SIGNATURE-----
Previous by date: 4 Mar 2005 12:00:31 -0000 Re: Volonteer lacks or(inc) TLDP on the turn ?, Rahul Sundaram
Next by date: 4 Mar 2005 12:00:31 -0000 Re: TLDP and the Commercial World, Rahul Sundaram
Previous in thread: 4 Mar 2005 12:00:31 -0000 Re: TLDP and the Commercial World, Rahul Sundaram
Next in thread: 4 Mar 2005 12:00:31 -0000 Re: TLDP and the Commercial World, Rahul Sundaram
[Lists] [Configure] [<<] [<] [by Thread] [by Date] [>] [>>] [Months] [Search] [eSubscribe] News Feed
  ©The Linux Documentation Project, 2014. Listserver maintained by dr Serge Victor on ibiblio.org servers. See current spam statz.