Re: how to make code stay invariant

On Tuesday, 25 July 2006 00:39, Rolf Schumacher wrote:
> Thank you, Ingo.
>
> > The checksum approach isn't quite useful I think, since algorithms
> > are and should be changed by hand and communication between developers
> > should be done as directly as possible.  If you introduce checksums, you
> > provide a tool that simulates stability where there is none.  There
> > is no fire and forget algorithm that you haven't developed and
> > documented quite well.
>
> Think of a checksum as a means to secure a message.
> Any secure protocol connection lives upon that. It's useful at least in
> that case.

Ouch, sorry Rolf, but you didn't seem to get me.  I never wanted to say that 
checksums are complete rubbish, but I don't think that they are really 
useful to secure the stability of code.

All I wanted to say is that the stability of code has to be controlled by the 
underlying logic and you will fail if you rely on valgrind, splint.  They are 
useful to locate some errors that have already been detected in a complex 
system, I think.

If you really want invariant concepts in your code and stay there, you have to 
specify, prove and implement carefully.

Of course, if you think your objects or your code are attacked by someone you 
are right to implement some checksumming.  If you have several people who 
install submodules into one system I would prefer gpg-signing by the 
installer.

