Why is Asfaload relevant?

It is becoming important to ensure a file’s authenticity when downloading it from the internet. Here are some examples:

• Fake news are common today. Ensure that the report you downloaded is genuine and unmodified by a malevolent actor.
• Malware is spread disguised as well-known software. Detect that the software you doanloaded was not validated by the author of the genuine software.
• Software development involves the download of files from the internet, e.g. Github Releases. Asfaload helps detecting when downloaded files were tampered with.

Asfaload aims to make downloading friles from the internet more secure, also by supporting integration in existing tools.

Is this using blockchain technology?

No. An earlier PoC of our solution was using a blockchain, but we realised we could do without it and now the only data-store we use is a git repository available to anyone to audit.

Why not use PGP/GPG ?

GPG is a general encryption tool applicable for file encryption, content signature, mail encryption, etc… It is recognised as being hard and cumbersome to use, which is confirmed by its low level use.

Asfaload is focused on one task and is easier to use while bringing additional features like multisig validation.

If I start using Asfaload as a publisher, am I locked in?

Absolutely not, you can stop using Asfaload at your discretion, but the your users won’t be able to validate any newly published file.

If I publish with Asfaload, are my users required to use Asfaload to download files?

No. Files registered in Asfaload are available as before, nothing changes regarding the availability or the access of the files. People downloading with asfaload get a higher security though.

As a downloader, can I user asfaload to download files from publisher not using Asfaload?

Yes. Switch to using asfaload for all your file downloads, and benefit from a higher security when the publisher also authenticates their files with Asfaload.