True! My original point though is that just providing a hash for a downloaded file is generally not required. It doesn’t provide anything that other layers haven’t already (a hash only guarantees integrity, while downloading over HTTPS provides authenticity). Personally, I see them as a relic of the past that made more sense when transmission was less robust (though even back then, a lot of layers provided some sort of error detection and correction), and modern filesystems can detect errors as well.
Those must have been really helpful in 1999.
Doubt it, they were more likely using md5sum files in 1999.
True! My original point though is that just providing a hash for a downloaded file is generally not required. It doesn’t provide anything that other layers haven’t already (a hash only guarantees integrity, while downloading over HTTPS provides authenticity). Personally, I see them as a relic of the past that made more sense when transmission was less robust (though even back then, a lot of layers provided some sort of error detection and correction), and modern filesystems can detect errors as well.