Category Archives: validation

If a file is digitally signed, is posting a hash very useful for security purposes?

Posted on by

In this question I asked about how to handle situations when SHA-256 hashes are not available for a file downloaded from the internet that contains executable code. Another community member insightfully asked if a hash is really needed to… Continue reading If a file is digitally signed, is posting a hash very useful for security purposes?

If a file is digitally signed, is posting a hash very useful for security purposes?

Posted on by

In this question I asked about how to handle situations when SHA-256 hashes are not available for a file downloaded from the internet that contains executable code. Another community member insightfully asked if a hash is really needed to… Continue reading If a file is digitally signed, is posting a hash very useful for security purposes?

When file hash not available, how to best check authenticity of a file?

Posted on by

Normally, The Document Foundation (TDF) publishes the SHA-256 and SHA-1 hashes, along with the MD5 checksum, for all LibreOffice releases. For example, see this.
However, for their current release (v7.1.4), TDF did not publish any hashes … Continue reading When file hash not available, how to best check authenticity of a file?

When file hash not available, how to best check authenticity of a file?

Posted on by

Normally, The Document Foundation (TDF) publishes the SHA-256 and SHA-1 hashes, along with the MD5 checksum, for all LibreOffice releases. For example, see this.
However, for their current release (v7.1.4), TDF did not publish any hashes … Continue reading When file hash not available, how to best check authenticity of a file?

When file hash not available, how to best check authenticity of a file?

Posted on by

Normally, The Document Foundation (TDF) publishes the SHA-256 and SHA-1 hashes, along with the MD5 checksum, for all LibreOffice releases. For example, see this.
However, for their current release (v7.1.4), TDF did not publish any hashes … Continue reading When file hash not available, how to best check authenticity of a file?

Is it true that frontend validation is generally redundant for minimalist contact forms on minimalist environments?

Posted on by

Say I have a continuously upgraded and well maintained LAMP environment with a website which its CMS is all-core and continuously upgraded as well and I have created a simple backend HTML contact form which is CMS-agnostic (not a module of… Continue reading Is it true that frontend validation is generally redundant for minimalist contact forms on minimalist environments?

What’s the merit of storing LTV (long term validation) information for RFC3161 tokens and what happens if a TSA private key would leak?

Posted on by

I’ll formulate my question in regards to timestamped PDF, but I wonder actually about the long term validation of RFC3161 tokens in general.
So, PAdES has the concept of Long Term Validation, which means (correct me if I’m wrong), that a d… Continue reading What’s the merit of storing LTV (long term validation) information for RFC3161 tokens and what happens if a TSA private key would leak?