[gnutls-help] Windows binaries security/checksum

Nikos Mavrogiannopoulos nmav at gnutls.org
Tue Aug 29 11:35:39 CEST 2017

On Mon, 2017-08-28 at 12:11 -0700, Gregory Sloop wrote:
> Nikos...
> Is it possible to generate checksums for the Windows binaries so we
> can verify downloads have not been tampered with?
> [This seems like the easiest/least-hassle option I can think of.]
> SHA-256 I suppose?
> I'd probably want checksums anyway - but with a non secure FTP it
> worries me quite a lot more...

 I'd like to stop distributing these binaries on ftp and switch to
linking directly to the binaries generated during the CI run. For


That would not address signing the binaries (couldn't really do as
gitlab runners are not under our full control), but would provide the
binaries over https, and would automate the process allowing to access
the binaries of a release without delay, and without requiring manual


More information about the Gnutls-help mailing list