X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:message-id:date:from:reply-to:mime-version:to :cc:subject:references:in-reply-to:content-type :content-transfer-encoding; q=dns; s=default; b=r7VHKKpkGhNHODW2 xL8uhcnI6dtCBfzzhlmImC/hJ6moidr+kEWReUnqXaaFT6pEpXZ6RjlLCj3pDCPd 2NfXoN1lKFBExQxWiRwncRE7s795ZOBKFotHJJ8gO75p+dRdj0zZT1Q0LC/nkv/v KXFB7DLOj6WRuObG2W3GRRUcjL8= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:message-id:date:from:reply-to:mime-version:to :cc:subject:references:in-reply-to:content-type :content-transfer-encoding; s=default; bh=r36IWsa4VgoYn6X2WoJQ5W zoc+A=; b=XI3/unvfaFfhV3xKH3eTbu8AFEEaQQhvjtciLNPpfhZXX5MB/UsBdl N2JC6XA9xYl8OqaByHpv6h9Sk53+WgdtyDywLQ3eqatejc9gRK5Y6FqChOzteK1g HxtDBUBm/P0hvdbhHhFADmdvGnPMdyRILjrVLshqc+LEeRkmgYq2U= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.0 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.2 X-HELO: out4-smtp.messagingengine.com Message-ID: <55267923.7070601@dronecode.org.uk> Date: Thu, 09 Apr 2015 14:05:39 +0100 From: Jon TURNEY Reply-To: cygwin AT cygwin DOT com User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: cygwin AT cygwin DOT com CC: dwheeler AT dwheeler DOT com Subject: Re: Should cygwin's setup*.exe be signed using Sign Tool? References: In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit On 02/04/2015 19:13, David A. Wheeler wrote: > Running setup*.exe produces "Publisher: Unknown publisher", and it's doubtful that many people check the signature of the .exe file before running. Even if they did, there's the problem that the signature comes from the same place. > > Has Cygwin considered signing the installer using Sign Tool? More info: > https://msdn.microsoft.com/en-us/library/windows/desktop/aa387764%28v=vs.85%29.aspx > http://blog.didierstevens.com/2008/12/31/howto-add-a-digital-signature-to-executables/ > > I believe signing it this way would eliminate the "unknown publisher"; it would also protect the many people who don't follow the current signature-checking process. This would create a strong barrier against code subversion after release. > > The signed executable could also be signed using the current process, so you don't need to *eliminate* any capability. I can't provide a patch to do this, obviously :-). I don't think this is obvious at all. You can't provide the certificate, but you can provide a patch. However, saying "install Windows SDK, use signtool" is not a solution, for reasons already discussed. The actual work that needs to be done here is to identify an alternative open source signing tool and how to use it. It would be nice to have such a tool packaged for cygwin, as that would allow people to sign any MinGW-w64 executables they make... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple