Does PHP’s Composer provide cryptographic authentication and integrity validation?

Does PHP’s Composer package manager cryptographically validate its payload’s authentication and integrity for all packages after downloading them and before installing them?
I see a lot of guides providing installation instructions with st… Continue reading Does PHP’s Composer provide cryptographic authentication and integrity validation?

Is there a way to guarantee that a static HTTP page is unchanged from when it was last reviewed

I’m making a simple web service that (skipping other details) allows a user to upload a message that can be retrieved by another user but can be decrypted only with a certain key. The message is encrypted and decrypted on the client side a… Continue reading Is there a way to guarantee that a static HTTP page is unchanged from when it was last reviewed

How to receive large files guaranteeing authenticity, integrity and sending time

I need to receive some important documents from another person. It may be important to be able to prove (in justice) which files exactly I received from that person at a specific moment.
My first guess was to ask the person to send me the … Continue reading How to receive large files guaranteeing authenticity, integrity and sending time

What is the point of a gpg file alongside the hash of a Linux ISO download? [duplicate]

I use linux and tend to distro hop a lot. I’ve noticed often that the distributions offer that you verify the download with a sha256sum hash and a GPG key.
My understanding is that a file, e.g. a linux .iso file will have an (almost) uniqu… Continue reading What is the point of a gpg file alongside the hash of a Linux ISO download? [duplicate]

Why does IPsec has a "partial" replay protection? If we drop all packets outside the moving window, then where is the threat?

IPsec is said to have "partial" replay protection because if a packet arrives outside the window, we can’t track it, so we have to make a choice: do we risk and accept it, or do we drop it?
If we drop all these outside-window pa… Continue reading Why does IPsec has a "partial" replay protection? If we drop all packets outside the moving window, then where is the threat?