On 2014-05-14 12:09, Ted Unangst wrote:
Providing a mix of signed and unsigned SHA256 files would be a dangerous inconsistency in my mind.
As an ordinary user, I can tell the difference between a file named "SHA256" and a file named "SHA256.sig". It's very easy when both files are included together with filesets. Only have one of these files, with packages, may introduce confusion among us users.
