A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts
digitally signed checksums of all patches and updates. The firm does this to address:
Integrity of downloaded software.
Availability of the FTP site.
Confidentiality of downloaded software.
Integrity of the server logs.
Digital Signatures is used to validate the integrity of the message and the sender. In this case the software firm
that posted the patches and updates digitally signed the checksums of all patches and updates.