Hey, I'll just throw in a summary of the various issues discussed in this thread and the ones surrounding it. The idea is that the discussion shouldn't be gone to waste, a few things have been agreed on after all. For now, let's focus more on what we can agree on than on the disagreements. Correct me if I'm wrong, but I guess agreement is on the following things: (1) Having a working and well-documented bootstrap process is definitely a plus. Aside security, it makes porting Haiku to new platforms easier. (2) Using MD5 in package hashes is not a good choice anymore (see e.g. [0]), a newer algorithm like SHA-2 or SHA-3 is more suited. (3) Package signing is a good idea so the user can know if a package really originates from a certain source. Whether a leap-of-trust or PKI approach is better is still in disagreement, though. (4) Secure boot would require a large amount of work. If someone wants to do it, it should definitely be an optional feature. So far so good...? [0] http://en.wikipedia.org/wiki/Hash_function_security_summary -- So long, jua