So now that I've followed this thread and finally found a chance to
get reply here are my thoughts:
What is required for someone to sign CoApp CLA? I don't remember
offhand, it's been a while.
Certum is probably filled with very nice people but their usability,
especially for non-Polish speakers
On Thursday, January 5, 2012, 0:08:56, Mateusz Loskot wrote:
> CERTUM is a company established in Poland.
Well aware of that.
> They have virtual branch at http://www.certum.eu/ for non-Polish users.
The problem is, that even though they appear to be targeting
international users, too, you ofte
Well, I'm just waiting for the email at this point :)
I'll ping if I need help.
G
From: coapp-developers-bounces+garretts=microsoft@lists.launchpad.net
[coapp-developers-bounces+garretts=microsoft@lists.launchpad.net] on behalf
of Mateusz Loskot
2012/1/4 Jernej Simončič :
> On Wednesday, January 4, 2012, 22:58:13, Garrett Serack wrote:
>
>> Yes, they have. The only trouble with them, is that their site is
>> in a language that I don't read well.
>
> It's mostly in English, but parts are in Polish - not sure why.
CERTUM is a company establ
On Wednesday, January 4, 2012, 22:58:13, Garrett Serack wrote:
> Yes, they have. The only trouble with them, is that their site is
> in a language that I don't read well.
It's mostly in English, but parts are in Polish - not sure why. The
e-mail you'll receive might be in Polish, too - but even i
Hmm. Yeah, we'll definitely have to setup an OCSP responder. (Gonna have to
think about that one a bit more). In the short run we can make sure we have a
CRL in place.
I've got some bigger ideas on how to bring a complete WoT into it, but I
suspect we'll be well served by starting with just the
Yes, they have. The only trouble with them, is that their site is in a language
that I don't read well.
Goog Translate helped, I applied for a cert from them to see how that works too.
G
From: coapp-developers-bounces+garretts=microsoft@lists.launc
On 1/4/2012 1:31 PM, Mark Stone wrote:
>
> I guess my first question would be: "If this is such a great idea, why isn't
> it already
> being done elsewhere?".
It is... that's precisely what most packagers do, they ship out their
pgp keys and have the user add this to their web of trust in order
On Wednesday, January 4, 2012, 21:03:49, Garrett Serack wrote:
> As for 'industry standard' .. I'm pretty far ahead of the
> 'state-of-the-art' here, since generally very few people care about
> code signing, and those who do, just follow MS's guidance. (which is "cough
> up the dough").
Well, f
Well, we need to live inside the Authenticode digital code signing, which means
that we have to do some things a certain way.
And, from a certain perspective Authenticode code-signing is somewhat similar
to DNS. If you think of the CA as the registrar.
The reason it's not done elsewhere, is bec
This sounds like a really strong idea. I'm surprised that more projects /
platforms don't take advantage of the decentralized management architecture
pioneered by DNS, and what you're proposing is a kind of DNS-like code
signing network.
I guess my first question would be: "If this is such a great
11 matches
Mail list logo
