we should detect when an ispec-generated ks.cfg has been modified by the user. we could do this in a non-secure way by adding an md5sum to the bottom. we would also need to add validation of the hash to the hwcert web site.
closing as ispec has been deprecated; might be worth coming back to should a similar feature be built elsewhere.