Mail Archives: cygwin/2015/04/02/23:28:05

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2015/04/02/23:28:05

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:content-type:content-transfer-encoding

:mime-version:from:reply-to:to:cc:subject:date:in-reply-to

:message-id; q=dns; s=default; b=IFgHzFGnq1EQOXWbn9cMWx6Y7Ls8XbT

Y0foKIHboagvB9K3QLUwlo2dIFr3IZyvtlAmK4ancDMEwWLLgtRpziErGk453tCL

VH+8cN0shw5R562rGwCsdc/rx4zV6OTM4KCosmFl3gknayzBVKJzd79TCr3MdLEo

n5vUZKtofrv0=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:content-type:content-transfer-encoding

:mime-version:from:reply-to:to:cc:subject:date:in-reply-to

:message-id; s=default; bh=YhDOh8Pexhl61bkMO+Kdxqa7KVg=; b=mVkZs

9xT/onHSMrlE4DR6zpRSEeHlnhlqjl0YVi7Q+Unx8KAcSLvYZ+GnRCKZZL6cYDDX

ofEx+QsRP1w6EiOYJg/nTw2/R7MjSKi8oXyzEXKscdpeTu+jZuJZvdZl41pz20NI

1W4i8mSklWhIKMisiujNr1CYVIOM9AhrO4UG4o=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=-0.6 required=5.0 tests=AWL,BAYES_40,SPF_PASS,UNPARSEABLE_RELAY autolearn=ham version=3.3.2

X-HELO: aibo.runbox.com

MIME-Version: 1.0

From: "David A. Wheeler" <dwheeler AT dwheeler DOT com>

Reply-To: dwheeler AT dwheeler DOT com

To: "bryan.berns" <bryan DOT berns AT gmail DOT com>

CC: "cygwin" <cygwin AT cygwin DOT com>

Subject: Re: Should cygwin's setup*.exe be signed using Sign Tool?

Date: Thu, 02 Apr 2015 23:27:42 -0400 (EDT)

In-Reply-To: <CADi7v6JKmP7Q2Bb9FgR0rjqQ+F1a_Y6nrG=v8x7WcesqKzXP4Q@mail.gmail.com>

Message-Id: <E1YdsGk-0001OY-N0@rmm6prod02.runbox.com>

X-IsSubscribed: yes

X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id t333RxiF001581

On Thu, 2 Apr 2015 21:23:16 -0400, Bryan Berns <bryan DOT berns AT gmail DOT com> wrote:
> Since the setup executable is responsible for running a whole bunch of
> community contributed post-install executables as part of the
> installation process, I'm not sure whether it'd be advisable to stamp
> a particular individual's name or company's name on the executive
> installer (e.g. Red Hat, for example).

I would expect the publisher to be "The Cygwin Project".
That's what the website says, after all!

In my mind, the point of the signature would be to assure that you have the correct
(untainted) installer, and that the other software installed was the one from Cygwin.
As far as community install issue goes, the same this is true for Fedora, Debian, etc.,
and that seems to be reasonably understood.

--- David A. Wheeler

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:content-type:content-transfer-encoding
	:mime-version:from:reply-to:to:cc:subject:date:in-reply-to
	:message-id; q=dns; s=default; b=IFgHzFGnq1EQOXWbn9cMWx6Y7Ls8XbT
	Y0foKIHboagvB9K3QLUwlo2dIFr3IZyvtlAmK4ancDMEwWLLgtRpziErGk453tCL
	VH+8cN0shw5R562rGwCsdc/rx4zV6OTM4KCosmFl3gknayzBVKJzd79TCr3MdLEo
	n5vUZKtofrv0=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:content-type:content-transfer-encoding
	:mime-version:from:reply-to:to:cc:subject:date:in-reply-to
	:message-id; s=default; bh=YhDOh8Pexhl61bkMO+Kdxqa7KVg=; b=mVkZs
	9xT/onHSMrlE4DR6zpRSEeHlnhlqjl0YVi7Q+Unx8KAcSLvYZ+GnRCKZZL6cYDDX
	ofEx+QsRP1w6EiOYJg/nTw2/R7MjSKi8oXyzEXKscdpeTu+jZuJZvdZl41pz20NI
	1W4i8mSklWhIKMisiujNr1CYVIOM9AhrO4UG4o=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-0.6 required=5.0 tests=AWL,BAYES_40,SPF_PASS,UNPARSEABLE_RELAY autolearn=ham version=3.3.2
X-HELO:	aibo.runbox.com
MIME-Version:	1.0
From:	"David A. Wheeler" <dwheeler AT dwheeler DOT com>
Reply-To:	dwheeler AT dwheeler DOT com
To:	"bryan.berns" <bryan DOT berns AT gmail DOT com>
CC:	"cygwin" <cygwin AT cygwin DOT com>
Subject:	Re: Should cygwin's setup*.exe be signed using Sign Tool?
Date:	Thu, 02 Apr 2015 23:27:42 -0400 (EDT)
In-Reply-To:	<CADi7v6JKmP7Q2Bb9FgR0rjqQ+F1a_Y6nrG=v8x7WcesqKzXP4Q@mail.gmail.com>
Message-Id:	<E1YdsGk-0001OY-N0@rmm6prod02.runbox.com>
X-IsSubscribed:	yes
X-MIME-Autoconverted:	from quoted-printable to 8bit by delorie.com id t333RxiF001581