On Thu, 2008-04-24 at 18:16 +0100, R Kimber wrote: > > Actually, it's not so much a question of trust as one of the > likelihood that my download is the same as what's on the server. If someone has compromised the iso on the server, he will also have uploaded the accompanying md5sum