Hello:
I don't know if it's feasible to post here. I think three checksums for every ISO/Package would be enough. Size Plus checksums enhance data integrity and that make it hard to make meaningful tampering.

I am not sure if I am asking too much. I think it's good for some people.