X-Recipient: archive-cygwin@delorie.com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:reply-to:message-id:to:subject :in-reply-to:references:mime-version:content-type :content-transfer-encoding; q=dns; s=default; b=wdBNWv47xH0I3rjt rC2mmdjPPFJQDFpOoo2ujwagXKutSLchjFRZxjlo6eH8f5OvolFt6ZxUjaBorpSc i9UTKPNc8zRxIBxw7Vdxyw261u7pqHWd0BnpeunuLqE8IEDgEqJKnJhhmvfW5Y0w QGLEzgZybOZ3xHjuOnIqi3A4vFM= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:reply-to:message-id:to:subject :in-reply-to:references:mime-version:content-type :content-transfer-encoding; s=default; bh=YFTMnVi2uNWq7EQ3l65lYp A+ls4=; b=w/Cd/ECP5eqffjUUf+N/bLaM+s9Wn5hTZfD7ma3KZmQYPBSIPGEZT7 9VJWxsNbNZar939MMcjVlf5bkQ/5KXLm/NOZbCglOmWcwhkeKX1HLenlvteu6kso kwsxTOR++729lD9hu1W4B4NCImv6YcwdOWd68l8hXKq1HJx7bvnz0= Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Delivered-To: mailing list cygwin@cygwin.com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-3.3 required=5.0 tests=AWL,BAYES_50,FREEMAIL_FROM,KAM_THEBAT,SPF_SOFTFAIL autolearn=no version=3.3.2 X-HELO: smtp.ht-systems.ru Date: Fri, 3 Apr 2015 01:22:15 +0300 From: Andrey Repin Reply-To: cygwin@cygwin.com Message-ID: <721062557.20150403012215@yandex.ru> To: "David A. Wheeler" , cygwin@cygwin.com Subject: Re: Should cygwin's setup*.exe be signed using Sign Tool? In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-IsSubscribed: yes Greetings, David A. Wheeler! > Running setup*.exe produces "Publisher: Unknown publisher", and it's > doubtful that many people check the signature of the .exe file before > running. Even if they did, there's the problem that the signature comes from the same place. > Has Cygwin considered signing the installer using Sign Tool? More info: Did Microsoft made it available separately? Or is there a description of the structure of such a signature and/or a free tool that can be used to generate it? Last I checked, you have to install a metric ton of garbage to get signtool as a bonus. > https://msdn.microsoft.com/en-us/library/windows/desktop/aa387764%28v=vs.85%29.aspx > > http://blog.didierstevens.com/2008/12/31/howto-add-a-digital-signature-to-executables/ > I believe signing it this way would eliminate the "unknown publisher"; it > would also protect the many people who don't follow the current > signature-checking process. This would create a strong barrier against code subversion after release. People who don't check signature manually, won't check the credibility of the embedded signature either. And it only takes about thirty seconds to fake the lines that are visible in prompt dialogue. Been there, done that. > The signed executable could also be signed using the current process, so you > don't need to *eliminate* any capability. I can't provide a patch to do > this, obviously :-). Signing executable doesn't alter its behavior in any way, shape or form. I've had success signing executable archives. -- With best regards, Andrey Repin Friday, April 3, 2015 01:17:20 Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple