On 6 December 2014 at 22:49, <l(_dot_)wood(_at_)surrey(_dot_)ac(_dot_)uk> wrote:
Security pedants might wonder why there is no easy way to authenticate
electronic copies of RFCs, given the vast array of security-related
protocols that the IETF has defined. How can I check the integrity of an
RFC document and that it hasn't been tampered with? I imagine an MD5sum
just won't do.
All the copies I'm reading are properly signed, according to RFC 4637. If
yours aren't, maybe they *have* been tampered with.
Dave.