We all know http://www.win.tue.nl/hashclash/rogue-ca/ ("MD5 considered harmful 
today"). Therefore I'd like to provide sha1 sums of our ISOs as well. We should 
identify the parts where we need to adjust stuff. What's in my mind so far:

* grml-live: build process -> automatically generate .sha1 files
* grml-autoconfig: config_testcd()
* website: Download-page, FAQ, Wiki -> adjust/provide information how to verify 
ISOs