[Issue 16065] Provide digitally signed binaries for Windows

2020-03-20 Thread d-bugmail--- via Digitalmars-d-bugs
https://issues.dlang.org/show_bug.cgi?id=16065 Basile-z changed: What|Removed |Added CC|b2.t...@gmx.com | --

[Issue 16065] Provide digitally signed binaries for Windows

2019-11-03 Thread d-bugmail--- via Digitalmars-d-bugs
https://issues.dlang.org/show_bug.cgi?id=16065 Basile-z changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Issue 16065] Provide digitally signed binaries for Windows

2016-06-10 Thread via Digitalmars-d-bugs
https://issues.dlang.org/show_bug.cgi?id=16065 --- Comment #7 from Sobirari Muhomori --- BTW looks like distribution archives are already signed, see keys at https://dlang.org/gpg_keys.html --

[Issue 16065] Provide digitally signed binaries for Windows

2016-06-08 Thread via Digitalmars-d-bugs
https://issues.dlang.org/show_bug.cgi?id=16065 --- Comment #6 from Sobirari Muhomori --- (In reply to James King from comment #5) > To add to that, PGP signatures must also be delivered over HTTPS AFAIK, they can be delivered over HTTP just fine. It's a key property of

[Issue 16065] Provide digitally signed binaries for Windows

2016-06-07 Thread via Digitalmars-d-bugs
https://issues.dlang.org/show_bug.cgi?id=16065 --- Comment #5 from James King <1...@lwshost.com> --- PGP signatures work fine for *nix systems, but this requires either compiling PGP from source for windows, or finding some other distributor of PGP binaries for windows before you can even run the

[Issue 16065] Provide digitally signed binaries for Windows

2016-05-26 Thread via Digitalmars-d-bugs
https://issues.dlang.org/show_bug.cgi?id=16065 b2.t...@gmx.com changed: What|Removed |Added CC||b2.t...@gmx.com --- Comment #4 from

[Issue 16065] Provide digitally signed binaries for Windows

2016-05-26 Thread via Digitalmars-d-bugs
https://issues.dlang.org/show_bug.cgi?id=16065 --- Comment #3 from Sobirari Muhomori --- A more reliable mechanism would be a PGP signature. If you check against only one key, it will be equivalent to key pinning. Oh, and the ultimate security is to build everything

[Issue 16065] Provide digitally signed binaries for Windows

2016-05-25 Thread via Digitalmars-d-bugs
https://issues.dlang.org/show_bug.cgi?id=16065 --- Comment #2 from James King <1...@lwshost.com> --- It would be nice if there was something akin to a "D Language Foundation" certificate issued by VeriSign or equivalent. The difficulty and effort required to compromise (or "compromise") both the

[Issue 16065] Provide digitally signed binaries for Windows

2016-05-24 Thread via Digitalmars-d-bugs
https://issues.dlang.org/show_bug.cgi?id=16065 --- Comment #1 from Sobirari Muhomori --- Signature on binaries can be forged in the same way: obtain a valid certificate with a similar CN and use it. --

[Issue 16065] Provide digitally signed binaries for Windows

2016-05-23 Thread via Digitalmars-d-bugs
https://issues.dlang.org/show_bug.cgi?id=16065 James King <1...@lwshost.com> changed: What|Removed |Added CC||1...@lwshost.com --