[Dylan16807]

I'm not sure what your argument is.

Yes if you want to trust it you have to sign it and make sure you implement all the crypto correctly. But I don't see a need for that here.

Also TCP's checksum sucks.

[wnight]

You said "sign or sanity check it", as if you can do whichever you want. But in the area suggested they have vast differences and security implications.

How many corrupted web pages do you see because of CRC failure in TCP?