Nov. 4, 2016
7:51 p.m.
On Nov 4, 2016, at 3:27 PM, Paul Eggert <eggert@CS.UCLA.EDU> wrote:
... This all sounds complicated, though. The developers of Oracle's TZUpdater tool apparently found the .asc files to be too much of a hassle, and instead use SHA-512 checksums from a central server instead. Should we slap more gingerbread atop a signature-checking procedure that already may be a bridge too far?
No. If people don't know how to handle .ASC files, let them learn. That's elementary IT technology; it's not our job to work around people who haven't learned the tools of their trade. paul