MD5 checksums to ensure delivered package integrity?
I hope for some assistance .I have been given to understand that Portage may be configured to execute SHA-level package verification upon receipt as a matter of course. Is this true; or does this system rely exclusively upon MD5 checksums to ensure delivered package integrity?
Relatedly, how are received packages verified at the Gentoo side before redistribution to end-user installations?
Next, what vetting is required regarding individuals involved in the chain of custody for packages which are distributed ? .I checked many firewall configuration explainer videos but did not find any solution to my problem.Please help me out.
Any help will be appreciated.