2007/2/28, Hartmut Henkel <hartmut_henkel at gmx.de>: > how is security handled with an external repository service? E. g. how > easy is it for some agressor to replace some binary? It looks safer as > long as it's hosted at or around TUG (or pressed into DVDs). We can host md5s at tug/ctan. Best Martin