Closed Bug 293041 Opened 20 years ago Closed 14 years ago

Add a link to the checksums

Categories

(www.mozilla.org :: General, defect)

Product:
www.mozilla.org
Component:
General
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: gl1_zla, Assigned: jslater)

References

(
URL
)

Details

Attachments

(1 file)

Brief patch to add link to checksums
1.03 KB, patch
Details | Diff | Splinter Review 
I've added a link that points to what appears to be the release directory via
the ftp.mozilla.org domain name.  This is a result of the thread I started at
http://forums.mozillazine.org/viewtopic.php?p=1441234#1441234

While I think this is the right location on the product page to put this link, I
don't really mean to suggest that the link should go to this directory page.  It
makes more sense to write up a short page of the form:

   Checksums are used to make sure that the kit you received is really 
   the one we built.  This might happen, for example, if one of the 
   many mirror sites we use for downloads was hacked.  Since these 
   checksums are coming to you directly from the Mozilla site (you did 
   check the URL to be sure it begins with "http://ftp.mozilla.org" or 
   "http://www.mozilla.org", didn't you?), and not coming by way of the 
   mirror site, the checksums provide an extra measure of confirmation 
   that you've downloaded an authentic kit.

   There are no known cases of such a malicious attach happening, and 
   these help to keep it that way.  

   We provide checksums using both the MD5 and SHA1 algorithms.  To 
   validate your kit, you need a tool that can calculate the checksum 
   on the kit you've downloaded, and then you just need to compare the
   resulting, very long string with the expected string for your kit that
   we have published <a...>here</a>.  Most Linux and UNIX based systems
   have tools named md5sum and sha1sum, which can do this for you.  On
   other systems including Windows, there are a number of free checksum 
   tools available on the net.

I'm not really familiar with the Mozilla documentation policy, conventions for
links, symbols, etc.  Perhaps at a later date, I'd be ready to contribute
directly to CVS.

Thanks,

Gary
The patch shows where to make the change and what the ultimate target should
be, but ought really be edited for consistency with conventions, etc.
Assignee: www-mozilla-org → nobody
QA Contact: danielwang → www-mozilla-org
Firefox product page is hosted on www.mozilla.com now.

--> Websites :: www.mozilla.com
Component: www.mozilla.org → www.mozilla.com
Product: mozilla.org → Websites
QA Contact: www-mozilla-org → www-mozilla-com
Version: other → unspecified
reassigning to jslater - is this something we want?  If so, what should it look like?
Assignee: nobody → jslater
As it has been almost six years (!!!) since this bug was filed, I'm going to boldly assume that we won't be adding checksum links to the product page.
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → WONTFIX
(In reply to comment #4)
> As it has been almost six years (!!!) since this bug was filed, I'm going to
> boldly assume that we won't be adding checksum links to the product page.

Age isn't an issue - we should leave it to jslater (assignee) to resolve it, rather than base it on an assumption.

Reopening.
Status: RESOLVED → REOPENED
Ever confirmed: true
Resolution: WONTFIX → ---
I was hoping to wait another six years before commenting on this bug, but since you've forced my hand I think we can go ahead and close it. We've done ok for this long.

Thanks all-
Status: REOPENED → RESOLVED
Closed: 14 years ago14 years ago
Resolution: --- → WONTFIX
Component: www.mozilla.org/firefox → www.mozilla.org
Component: www.mozilla.org → General
Product: Websites → www.mozilla.org
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: