Please sign the checksum file and upload a public key to a trustworthy keyserver. Or use a method of your own choice. Downloading both the ISO and its checksum from an obscure server, unencrypted, is hardly a confidence booster. Even SourceForge is a better choice. Otherwise, you’re doing a great job. Congratulations! Long live Unity!
I would like to see if there could be a way to verify the authenticity of the checksums with a GPG key, I would be willing to make those GPG keys with new ISO releases
For now a sha256 would do just fine, preferebly posted by the maker in a public place like this very forum or Ubuntu Unity’s website. We need some sort of assurance that the ISO is originating from the maker.
+1! This should really be a feature.
so, with the great new step of being official, this may be considered as done then, i guess (-:
If you use zsync to download and update the kinetic iso it runs a checksum automatically.