On 21/05/2015 0:28, Paul Gilmartin wrote:
o The installation package itself may have been corrupted en route.
Digitally signing software is pretty common on other platforms - and I think is at least possible on z/OS.
Windows puts obstacles in your path if you want to install software that is NOT digitally signed. As another example, Jar files can be digitally signed.
If you were concerned about corruption or tampering enroute it would be simple enough to add digital signatures to an installation package.
In fact why not require digital signatures as part of SMP/E packaging, so RECEIVE fails without a valid signature? Maybe even sign PTFs etc. individually, unless the overhead of individual checking would be too high (I suspect it would be undetectable in the background of normal SMP/E processing.) Add a BYPASS SIG option to get around the check. I'm slightly surprised that it isn't already done.
Andrew Rowley Black Hill Software +61 413 302 386 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
