cancel
Showing results for 
Search instead for 
Did you mean: 

Does the Ruckus team give SHA1 or MD5 sums for the ZD image downloads or provide that information anywhere?

linda_rudawitz
New Contributor II
Basically in this day and age anything that doesn't have an MD5 or SHA1 key on it makes me wary. Are you going to be supporting that information given the MR of 9.6 and going forward?
6 REPLIES 6

keith_redfield
Valued Contributor II
Hi Linda,

Good question. We've debated it. The images are signed, and so that internal hash serves to validate the images are correct. That doesn't mean you can't get a corrupt image, but it does mean the ZD will detect it and refuse to load.

(p.s. stick w SHA1 - the naughty boys -- and no I don't mean the NSA -- have cracked MD5)

I've referred this to our security team to see if they have any further comment.

linda_rudawitz
New Contributor II
Thank you Keith, appreciate it.

keith_redfield
Valued Contributor II
NP, and they agreed with my reasoning. So for now we will continue as is (though we do have a big makeover coming up which should make downloads a better experience)

philippe_valdez
New Contributor
Hi Keith,

Does this mean there will really be no way for ZD to install a corrupted image and in no way brick it?

Thanks.
Labels