Menu
MD5 checksum is widely used for integrity checking for Http downloading big files. My question is, since TCP itself provides reliable mechanism (i.e. checksum for each TCP package to ensure its integrity). So, in short TCP is reliable. Http is based on TCP (so Http should also be reliable), so why we need another mechanism of integrity checking (i.e. MD5 checksum)?
thanks in advance, George
705
Most often you use the hash sum for an out of band (printed on the webiste for example) check of the download integrity, not programmatic.
This prevents manipulation of the download artifact.
155
Answer is simple. The source file may already be corrupt before you even begin downloading. TCP only verifies that the file you download is the same as the source. MD5 guarantees that you could know if it's corrupt whether the cause be a problem in transfer or the initial file itself.
42
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
