Am 20.11.2022 um 08:26 schrieb Brian Inglis:
On Fri Nov 18 21:15:04 GMT 2022, Dale McCoy wrote:
I use Cygwin in the course of work, and while I can use the external gpg
signature to verify the validity of setup-x86_64.exe, my IT department
can't see that step. They get somewhat concerned when they see that
Windows
thinks setup-x86_64.exe is unsigned, and I certainly don't blame them.
Can I convince you to also embed a signature in the installer, so
Windows
recognizes the file is signed?
I couldn't find a previous request on the mailing list for this, but
I may
have missed it in my attempts to grep the monthly digests.
See thread "Should cygwin's setup*.exe be signed using Sign Tool?":
https://cygwin.com/pipermail/cygwin/2015-April/220978.html
https://inbox.sourceware.org/cygwin/e1ydjc5-0000kv...@rmm6prod02.runbox.com/
In case we ever need it, one of our setup maintainers packaged
osslsigncode:
https://cygwin.com/packages/summary/osslsigncode-src.html
Packaging error: the binary is placed in /usr
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
