[wp-testers] Re: 2.2 Tagged

Marcos Sader | marcosmedia m at marcosmedia.com
Tue May 15 23:58:31 GMT 2007


+1

On 5/15/07, Alex Günsche <ag.ml2007 at zirona.com> wrote:
>
> On Tue, 2007-05-15 at 19:14 -0400, Brian Layman wrote:
> > For script that pull off of http://wordpress.org/latest.tar.gz could we
> > have one more dynamic link and have
> > http://wordpress.org/latest.md5 always pull the current md5 file?
>
> How about
> http://wordpress.org/latest.tar.gz.md5
> http://wordpress.org/latest.zip.md5
>
> and
>
> http://wordpress.org/wordpress-<version>.tar.gz.md5
> http://wordpress.org/wordpress-<version>.zip.md5
>
> Really, it would be cool to have md5 sums for the zips, too. For
> example, the InstantUpgrade uses zip (I don't know of a tar.gz unpacker
> written in PHP), and checksums would definitively improve security.


http://pear.php.net/package/Archive_Tar ;)

Maybe one could even think about GPG signing the checksums, which would
> result in a file like
>
> http://wordpress.org/latest.tar.gz.md5.asc
>
> This could be very useful next time somebody hacks the WP download
> server. ;)
>
>
> Best,
> Alex
>
> --
> Alex Günsche, Zirona OpenSource-Consulting
> http://www.zirona.com/ | Hilfe für das HQ AC: http://www.prohq.de
> PubKey for this address: http://www.zirona.com/misc/ag.ml2007.asc
>
> _______________________________________________
> wp-testers mailing list
> wp-testers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-testers
>



-- 
Marcos Sader
m at marcosmedia.com


More information about the wp-testers mailing list