From ac4422065e442b3e6ba666e1fbf5ce5538563f9b Mon Sep 17 00:00:00 2001 From: Jeffrey Paul Date: Mon, 18 Jan 2021 23:52:17 +0000 Subject: [PATCH] Update 'README.md' --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 721b4be..a86de26 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ Manifest file generator and checker. # Problem Statement -Given a plain URL, there is no standard way to safely and programmatically download everything "under" that URL path. `wget -r` can traverse directory listings if they're enabled, but every server has a different format, and this does not verify cryptographic integrity of the files. +Given a plain URL, there is no standard way to safely and programmatically download everything "under" that URL path. `wget -r` can traverse directory listings if they're enabled, but every server has a different format, and this does not verify cryptographic integrity of the files, or enable them to be fetched using a different protocol other than HTTP/s. Currently, the solution that people are using are sidecar files in the format of `SHASUMS` checksum files, as well as a `SHASUMS.asc` PGP detached signature. This is not checksum-algorithm-agnostic and the sidecar file is not always consistently named.