plaintext non-ssl distribution - who things this is a good idea?
Werner Koch
wk at gnupg.org
Fri Sep 11 09:20:09 CEST 2015
On Fri, 11 Sep 2015 00:05, rjh at sixdemonbag.org said:
> (Getting an Authenticode certificate, for instance.)
Yeah, when testing the installer I always see that annoying "unknown
issuer" warning. Thus it is probably a good idea to silence this
warning by signing the installer. I need to see how to integrate this
into my workflow.
I also need to decide whether to use my smartcard based release signing
key but that unfortunately means that a broken smartcard will be quite
expense. Given that it is cheap to get a faked code signing key, it
might be okay to use a standard on disk key.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users
mailing list