Information about the Digital file signatures process

Information about the Digital file signatures process

Postby twomby » 24.04.2012, 05:43

Hi,

First of all, let me thank you for your fantastic software, extremely helpful.
Just a quick question for you. I have searched in the documentation, around the board and elsewhere on google, but did not find anything to help me.

I use wsus offline to update many different kind of Windows and office installations, in both French and English. My first download/update was pretty long, and my WSUS offline directory is close to 10gb. Everytime I run the Update Generator, I get a few updates, but the "Verifying digital file signatures for X (depending on which version of Windows/Office the update generator is working)" process at the end is extremely long. I was wondering if the process checks all the already downloaded files, or only the files that were downloaded during the current update. Also, I was wondering if I should skip this step by unchecking "Verify downloaded updates" in the update generator GUI without too much risk. I am not concerned about data integrity on my end. So, to summarize:

1. Is it normal for the digital file signatures verification to be extremely long based on my package (10gb of WinXP, Vista, 7, and Office 2000/XP/2007/2010 updates/packages in both French/English) during each update ?

2. Is it *generally" safe to skip this test ? I will do it from time to time, but I'd like to know if I can skip it when I simply make a minor update, and if it can cause any issue.

Thank you very much for your help in advance.

Regards,

Tommy
twomby
 

Re: Information about the Digital file signatures process

Postby boco » 24.04.2012, 19:23

I was wondering if the process checks all the already downloaded files, or only the files that were downloaded during the current update.
All files.

Also, I was wondering if I should skip this step by unchecking "Verify downloaded updates" in the update generator GUI without too much risk.
AFAIK disabling verification does not disable the sigcheck (done by a Microsoft tool), only the generation and verification of the checksums.

I am not concerned about data integrity on my end.
You really should.

1. Is it normal for the digital file signatures verification to be extremely long based on my package (10gb of WinXP, Vista, 7, and Office 2000/XP/2007/2010 updates/packages in both French/English) during each update ?
Yes, with a large repository, it can take a while, but no more than a few minutes usually. Files failing that check are deleted. The speed can be influenced by CPU, HDD speed and antivirus/antimalware realtime scanners.

2. Is it *generally" safe to skip this test ? I will do it from time to time, but I'd like to know if I can skip it when I simply make a minor update, and if it can cause any issue.
You may want to leave verification enabled, because disabling it will delete the stored checksums.
Last edited by harry on 24.04.2012, 20:54, edited 1 time in total.
Reason: BBCode war ausgeschaltet
Microsoft update catalog: http://catalog.update.microsoft.com/v7/site/
Windows Install media download: https://support.microsoft.com/en-us/help/15088/windows-create-installation-media
boco
 
Posts: 2391
Joined: 24.11.2009, 17:00
Location: Germany

Re: Information about the Digital file signatures process

Postby twomby » 24.04.2012, 21:13

boco,

thank you very much for your prompt answer, it is much appreciated! Just a clarification: I am not concerned about data integrity in the sense that once the check is done initially, I have the files on 4 different HD's and USB storage. That was not clear in my first message. I understand that I should generally be concerned about data integrity (and I am!) :)

You mentionned "no more than a few minutes", but it took about an hour in my case, especially for w60. Others were shorter, but usually 5-10 minutes. This was done on a Core i5 @3.7ghz with 8gb of ram. But the packages were on a map networked drive on a 1000MBPS link. I'll try to move the folder on my physical drive next time, to see if this was the issue. My guess is that this is the bottleneck.

Thanks for the advice again!

Cheers,

Tommy
twomby
 

Re: Information about the Digital file signatures process

Postby boco » 25.04.2012, 13:42

We had cases of antivirus programs slowing down every action with file access. Of course, using a network share adds to that.
Microsoft update catalog: http://catalog.update.microsoft.com/v7/site/
Windows Install media download: https://support.microsoft.com/en-us/help/15088/windows-create-installation-media
boco
 
Posts: 2391
Joined: 24.11.2009, 17:00
Location: Germany


Return to Installation / Updating

Who is online

Users browsing this forum: Google [Bot] and 60 guests

cron