Hi Zach,

>>No.  There is no need.  When Vanilla is released, an md5sum of the whole
>>package .tar.gz is included in the release announcement.

> Is it possible for a hacker to break into my system, alter
> the tarball package and yet for the md5sum to remain
> unaltered?

The MD5 sum is a cryptographic hash function. That means it makes
some sort of summary over a large amount of data, with the
mathematical certainty that there is an X chance that one can
find an alternative set of data that yields the same summary.
Usually the chances that that alternative set of data makes
a valid and sensible tar file are zero.

>>One doesn't.  Use digital signatures.  I sign release announcements.
>>I'll sign this message.  If your e-mail service can't hack digital
>>signatures, use a better one.

> So now how would I send you a message encrypted with the
> key?

That is not his key, it's a signature over the email message.
It is calculated using his private key. Your email program
will also calculate it, but using his public key for it.
If both the calculated signatures are equal then you know
that the message is unaltered AND that James is the only
one that could have signed it.

The only weakness in this story is, how do YOU get the
correct public keys from James? How do you make sure they
are actually his?

Usually people upload them to a PGP key server, like James':
(is the last one really yours, James?) and mine:

But until you have verified with the person in some way that
that public key belongs to him, you still cannot fully trust
it. After all, you acquired the key over an insecure medium.

For software: play around with GPG (open source PGP,
http://www.gnupg.org/) and the secure email extension for
Mozilla email:  http://enigmail.mozdev.org/

In general: read up on cryptography. The GPG website should
give you some pointers.

Greetx, Erik

vanilla-devel mailing list
vanilla-devel at us.netrek.org
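
Added example, not part of Erik's message or the Vanilla project's code: the checksum half of the workflow discussed in this thread, in Python. It assumes the announcement's signature has already been checked (for instance with `gpg --verify`) and that the announcement carries an md5sum-style line; the file name, tarball and announcement text below are constructed.

```python
import hashlib
import hmac
import io
import re
import tarfile

# md5sum(1) output line: 32 hex digits, blanks, optional '*', file name.
MD5SUM_LINE = re.compile(r"^([0-9a-fA-F]{32})[ \t]+\*?(\S+)[ \t]*$", re.MULTILINE)

def published_digests(announcement):
    """Map file name -> lowercase hex digest for each md5sum line in the text."""
    return {name: digest.lower() for digest, name in MD5SUM_LINE.findall(announcement)}

def stream_digest(stream, chunk_size=65536):
    """Hash a binary stream in chunks so a large tarball need not fit in memory."""
    md5 = hashlib.md5()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        md5.update(chunk)
    return md5.hexdigest()

def tarball_matches(announcement, name, stream):
    """True only if the announcement lists `name` and the digests agree."""
    expected = published_digests(announcement).get(name)
    if expected is None:
        return False  # no digest published for this file: treat as unverified
    return hmac.compare_digest(expected, stream_digest(stream))

def build_sample_tarball():
    """Constructed stand-in for a release tarball: one small file, gzip-compressed."""
    data = b"constructed sample source file\n"
    info = tarfile.TarInfo("sample-1.0/README")
    info.size = len(data)
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

SAMPLE_NAME = "sample-1.0.tar.gz"  # hypothetical file name
GOOD = build_sample_tarball()
# Constructed announcement body; this text is what the signature would cover.
ANNOUNCEMENT = "Release notes (constructed)\n\n%s  %s\n" % (
    hashlib.md5(GOOD).hexdigest(), SAMPLE_NAME)
# Same bytes with one bit flipped, standing in for an altered download.
MID = len(GOOD) // 2
TAMPERED = GOOD[:MID] + bytes([GOOD[MID] ^ 0x01]) + GOOD[MID + 1:]

if __name__ == "__main__":
    print(tarball_matches(ANNOUNCEMENT, SAMPLE_NAME, io.BytesIO(GOOD)))
    print(tarball_matches(ANNOUNCEMENT, SAMPLE_NAME, io.BytesIO(TAMPERED)))
```

The comparison is only as trustworthy as the announcement text, which is why the signature check on the announcement comes first.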