Issue Details (XML | Word | Printable)

Key: CORE-5996
Type: New Feature New Feature
Status: Open Open
Priority: Major Major
Assignee: Unassigned
Reporter: Helen Borrie
Votes: 0
Watchers: 2
Operations

If you were logged in you would be able to see more operations.
Firebird Core

BUILDS: Provide digital signing on installation kits

Created: 31/Jan/19 06:31 PM   Updated: 31/Jan/19 06:31 PM
Component/s: Build Issues / Porting
Affects Version/s: 4.0 Beta 1, 2.5.9, 3.0.5
Fix Version/s: None

Environment: All platforms

QA Status: No test


 Description  « Hide
John Frankland in firebird-devel and several other forums:
> What is the practice regarding digital signing of Firebird executables and installers etc.?
> Some releases have been signed with a "Firebird Inc" certificate in the past but it seems signing is not always done.
> Can signing be adopted as a policy?

Alex Peshkov in firebird-devel:
It's really funny. Sha256 checksums are provided for snapshot builds but not for releases.

Sean Leyne in firebird-devel:
SHA hashes are fine to validate downloads, but they are not the same as signing the install kits/executable.

Windows has increasingly made it difficult to install and/or run non-signed kits/executables.


 All   Comments   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
There are no comments yet on this issue.