TMD's may or may not have certificates appended at the end of the file, so the filesize varies with/without certificate, see gbatek for details.
TMD's are included in the .bin file when exporting games to SD card (via DSi's Data Managment function) (and the DSi SRL extractor tool does/should probably have some commandline option for extracting the TMD), so it isn't strictly neccessary to download them before the shop closes - the stuff isn't lost, unless a game has been so unpopular that everybody deleted it from the console after playing it a few times (or unless nobody ever bought that game at all). NB. nobody ever said that SRL extractor requires hardmods or hacking (unless using commandline tools is considered to be hard hacking).
TMD's don't contain any meaningful data, and it's quite unclear what Nintendo had in mind with that files, essentially, they are just wasting FAT clusters. Maybe they would have some purpose for titles with "multiple contents", but as far as I know, all DSi titles do have only "one content". The version entry might help on finding the game's version specific filename, but apparently ahezard got "v0 sudoku .app" working with "with the v257 .tmd" (don't know with which .app filename though). And the size/sha1 entries, Nintendo would be definetely able to verify them, but doing so would be totally pointless.
The thing that they've got wrong is verifying the RSA for the (useless) .tmd file, instead of the RSA for the (console specific) .tik file. Concerning piracy that's a really big mistake, but, on the other hand, it's allowing to install sudoku- or 4sword-hax on every (hardmodded) DSi console, so I wouldn't complain too much about it.
The RSA option in no$gba affects only 80h-byte signatures that are verifyied via the BIOS SWI functions (and even then, you would still need a valid signature, the option does just allow to use unencrypted signatures (="raw" SHA1's with padding) alternately the RSA-encrypted ones). Anyways, the option won't affect 100h/200h-byte signatures, so you can be sure that emulator & hardware will behave exactly the same on them.
Oh, and one question: When manually installing extra titles, did't you need to modify the "wrap.bin" and/or "menusave.dat" file(s), or did the launcher allow to boot the new titles without modifying those files?
TMD's are included in the .bin file when exporting games to SD card (via DSi's Data Managment function) (and the DSi SRL extractor tool does/should probably have some commandline option for extracting the TMD), so it isn't strictly neccessary to download them before the shop closes - the stuff isn't lost, unless a game has been so unpopular that everybody deleted it from the console after playing it a few times (or unless nobody ever bought that game at all). NB. nobody ever said that SRL extractor requires hardmods or hacking (unless using commandline tools is considered to be hard hacking).
TMD's don't contain any meaningful data, and it's quite unclear what Nintendo had in mind with that files, essentially, they are just wasting FAT clusters. Maybe they would have some purpose for titles with "multiple contents", but as far as I know, all DSi titles do have only "one content". The version entry might help on finding the game's version specific filename, but apparently ahezard got "v0 sudoku .app" working with "with the v257 .tmd" (don't know with which .app filename though). And the size/sha1 entries, Nintendo would be definetely able to verify them, but doing so would be totally pointless.
The thing that they've got wrong is verifying the RSA for the (useless) .tmd file, instead of the RSA for the (console specific) .tik file. Concerning piracy that's a really big mistake, but, on the other hand, it's allowing to install sudoku- or 4sword-hax on every (hardmodded) DSi console, so I wouldn't complain too much about it.
The RSA option in no$gba affects only 80h-byte signatures that are verifyied via the BIOS SWI functions (and even then, you would still need a valid signature, the option does just allow to use unencrypted signatures (="raw" SHA1's with padding) alternately the RSA-encrypted ones). Anyways, the option won't affect 100h/200h-byte signatures, so you can be sure that emulator & hardware will behave exactly the same on them.
Oh, and one question: When manually installing extra titles, did't you need to modify the "wrap.bin" and/or "menusave.dat" file(s), or did the launcher allow to boot the new titles without modifying those files?