Tom Horsley wrote:
I doubt it. They are normally just part of the DVD image, and so are checked as part of the whole DVD. Probably no one has ever thought to provide individual checksums for those files.
It's worse. Even boot.iso lacks its (signed) checksum as far as I can see. So if you want vmlinuz and initrd.img safe, you have to download ca. 700 MB.
Moreover: listing key IDs here: http://fedoraproject.org/en/verify is not enough, I think. The standard is to list key fingerprints.
Paul W. Frields wrote:
Having said that, I ran these against sha256sum for you: Fedora 10 i386 DVD: ------------------- d4d48f5f976dbea7d777842b33c416a82566522026f335e5995ac336c0af0377 /isolinux/vmlinuz 90ede287e8d7db62bf1c9f544c195d246a343d4779f935ea1cf682b4bc385587 /isolinux/initrd.img Fedora 10 x86_64 DVD: --------------------- d058a0e253c1c2e25984bbc897a144515f6d3df9bf568cab52a98289ee4d4852 /isolinux/vmlinuz c7571e87d5ea9946bda7b341091c823cc21b85aae36afa91f61169e27dc18eab /isolinux/initrd.img
Thanks, they match! :-) (i386) STF ======================================================================= http://eisenbits.homelinux.net/~stf/ OpenPGP: 9D25 3D89 75F1 DF1D F434 25D7 E87F A1B9 B80F 8062 =======================================================================
Description: OpenPGP digital signature