When new deliverables is available for download, e.g. a new release, or being distributed we would like to be able to confirm that the files have not been compromised, altered or tampered, with
- (preferably) a digital signature* of the software files or binarys, or
- a checksum control of the software files or binarys.
*This digital signature validates the identity of the software author or publisher and verifies that the file has not been altered or tampered with since it was signed.
Is this applicable in the way described above ?