Changes

| valign="top" |Automatically verifying MD5/SHA1 hashes, and optionally PGP signatures, of downloads. When you have downloaded a file, the download manager should try to download filename.md5, filename.sha, filename.asc and run the associated tool on the downloaded file to verify. Mark the entry as red or something in the download manager, and change the Open link to Info link, if the file did not verify. The Info link would open a page explaining what is wrong. It could perhaps have a open or preferably just delete file button. More difficult case would be to get the md5/sha1 signature if it is just embedded on the page where the download link is, but you could try some heuristics...(see also [https://bugzilla.mozilla.org/show_bug.cgi?id=292481 bug 292481])