When I'm asked to add hash or replace hash (or block) what does it mean and what is the best practice to deal with it? It came up when installing (updating) VLC.
This alert usually comes up when you update some program and its executable file changes.
If you didn't update or change anything, but have this alert, it's weird and I'd block.
Otherwise for 99% people replace hash is OK.
Add hash was mostly implemented for corporate environments (and for the rest 1% people who need it for some reason). When rules are enforced by domain admin to many PCs, some PCs may have one version of a software, some-other. To have one ruleset for all PCs with different versions it's allowed to have several hashes.
Many thanks; also my posting should be corrected to "replace hashes" instead of "recalculate hash". :-[