Mail Archives: cygwin/2015/04/02/18:35:39

X-Recipient: archive-cygwin AT delorie DOT com
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-3.3 required=5.0 tests=AWL,BAYES_50,FREEMAIL_FROM,KAM_THEBAT,SPF_SOFTFAIL autolearn=no version=3.3.2
X-HELO: smtp.ht-systems.ru
Date: Fri, 3 Apr 2015 01:22:15 +0300
From: Andrey Repin <anrdaemon AT yandex DOT ru>
Reply-To: cygwin AT cygwin DOT com
Message-ID: <721062557.20150403012215@yandex.ru>
To: "David A. Wheeler" <dwheeler AT dwheeler DOT com>, cygwin AT cygwin DOT com
Subject: Re: Should cygwin's setup*.exe be signed using Sign Tool?
In-Reply-To: <E1Ydjc5-0000kv-WD@rmm6prod02.runbox.com>
References: <E1Ydjc5-0000kv-WD AT rmm6prod02 DOT runbox DOT com>
MIME-Version: 1.0
X-IsSubscribed: yes

Greetings, David A. Wheeler!

> Running setup*.exe produces "Publisher: Unknown publisher", and it's
> doubtful that many people check the signature of the .exe file before
> running.  Even if they did, there's the problem that the signature comes from the same place.

> Has Cygwin considered signing the installer using Sign Tool? More info:

Did Microsoft make it available separately? Or is there a description of the
structure of such a signature and/or a free tool that can be used to generate
it?
Last I checked, you have to install a metric ton of garbage to get signtool as
a bonus.

> https://msdn.microsoft.com/en-us/library/windows/desktop/aa387764%28v=vs.85%29.aspx
>  
> http://blog.didierstevens.com/2008/12/31/howto-add-a-digital-signature-to-executables/

> I believe signing it this way would eliminate the "unknown publisher"; it
> would also protect the many people who don't follow the current
> signature-checking process.  This would create a strong barrier against code subversion after release.

People who don't check the signature manually won't check the credibility of
the embedded signature either.
And it only takes about thirty seconds to fake the lines that are visible in
the prompt dialogue.
Been there, done that.

> The signed executable could also be signed using the current process, so you
> don't need to *eliminate* any capability.  I can't provide a patch to do
> this, obviously :-).

Signing an executable doesn't alter its behavior in any way, shape or form.
I've had success signing executable archives.


-- 
With best regards,
Andrey Repin
Friday, April 3, 2015 01:17:20

Sorry for my terrible English...

