Rob Weir: > You probably don't see this on the server yet, but end-user operating > systems, both desktop and devices, both at OS level as well as in > browsers and with antivirus software, are shifting over to excluding > non-signed executable by default. This is equally true of software > distributed on CD's, via downloads, or listed in OS-vendor "stores". > That is the direction that the industry is going. Any desktop > application that ignores this trend will become unusable by most > users. Instead of detached digital signatures that Apache releases > already carry, the OS vendors expect integrated signatures via code > signing.
Sorry for extending this thread, but I am curious: Which "OS vendors" and "end-user operating systems" are you talking about? The end-user operating system Debian does not require integrated signatures: http://wiki.debian.org/SecureApt Cheers, Andreas --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
