From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 78030 invoked by alias); 13 Dec 2016 20:01:23 -0000 Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm Precedence: bulk Sender: cygwin-apps-owner@cygwin.com List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Mail-Followup-To: cygwin-apps@cygwin.com Received: (qmail 78018 invoked by uid 89); 13 Dec 2016 20:01:22 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-101.6 required=5.0 tests=AWL,BAYES_00,GOOD_FROM_CORINNA_CYGWIN,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS autolearn=ham version=3.3.2 spammy=Hx-languages-length:1166, deemed, H*f:sk:87twa7o, H*MI:sk:87twa7o X-HELO: drew.franken.de Received: from mail-n.franken.de (HELO drew.franken.de) (193.175.24.27) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Tue, 13 Dec 2016 20:01:15 +0000 Received: from aqua.hirmke.de (aquarius.franken.de [193.175.24.89]) (Authenticated sender: aquarius) by mail-n.franken.de (Postfix) with ESMTPSA id C3F6872106C16 for ; Tue, 13 Dec 2016 21:01:12 +0100 (CET) Received: from calimero.vinschen.de (calimero.vinschen.de [192.168.129.6]) by aqua.hirmke.de (Postfix) with ESMTP id 1D4BC5E01EB for ; Tue, 13 Dec 2016 21:01:12 +0100 (CET) Received: by calimero.vinschen.de (Postfix, from userid 500) id F257EA80C8F; Tue, 13 Dec 2016 21:01:11 +0100 (CET) Date: Tue, 13 Dec 2016 20:01:00 -0000 From: Corinna Vinschen To: cygwin-apps@cygwin.com Subject: Re: [PATCH setup 4/4] Codesign setup.exe (DO NOT APPLY) Message-ID: <20161213200111.GD17377@calimero.vinschen.de> Reply-To: cygwin-apps@cygwin.com Mail-Followup-To: cygwin-apps@cygwin.com References: <20161212132929.58904-1-jon.turney@dronecode.org.uk> <20161212132929.58904-5-jon.turney@dronecode.org.uk> <20161212173051.GD3705@calimero.vinschen.de> <87shptass0.fsf@Rainer.invalid> <20161213083038.GE3705@calimero.vinschen.de> <87twa7of1f.fsf@Rainer.invalid> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="MW5yreqqjyrRcusr" Content-Disposition: inline In-Reply-To: <87twa7of1f.fsf@Rainer.invalid> User-Agent: Mutt/1.7.1 (2016-10-04) X-SW-Source: 2016-12/txt/msg00024.txt.bz2 --MW5yreqqjyrRcusr Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-length: 1163 On Dec 13 19:33, Achim Gratz wrote: > Corinna Vinschen writes: > >> That wouldn't do any good for folks trying to use an old setup version > >> or am I missing something? > > > > They would get two messages, "Sig has expired" and "there's a new versi= on > > of setup". Isn't that sufficient? >=20 > I was under the (maybe mistaken) impression that the executable would > stop running if the signature was deemed incorrect. >=20 > >> In the meantime, we could provide a detached signature with the cygwin > >> key, just like we do for setup.ini? > > > > We already do. You can download setup-x86.exe.sig and > > setup-x86_64.exe.sig from https://cygwin.com/ >=20 > It's not advertised in an easily accessible place (i.e. right besides > the download link on cygwin.com main page). The install page shows > those, but I'm not sure how many people look it up there. The websites are in git(*). Just send patches if you see some flaw. Thanks, Corinna (*) https://cygwin.com/git/gitweb.cgi?p=3Dcygwin-htdocs.git --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --MW5yreqqjyrRcusr Content-Type: application/pgp-signature; name="signature.asc" Content-length: 819 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJYUFOHAAoJEPU2Bp2uRE+gwM8P+gLqMDgnnWHoPuhw5/gCLvIl IvBuD98802o367Tmnfjm/tVhz9P9AMQnfvkVpN2gtal+TQrUjn6ZHsyqBxObWyrD JBI3MP19IDSGFLgDsHCNe/RVKO2NUCBXeBTtHifPoskzjwWbt7al09QVQgqMSJ7a flpf4g8ROEHGEScZy8xLuduUxmRbxrLfIdMdxP3JJ76/54D089+DV03J4USnr0o4 fV0BGI1OWZYQLy65EHIqTBnD9v2ehb/kEC1nj17znfrYbubYMTajwYewVOZxaCZf wy4jQB3l4aYkb51N79w+VRptlYitaGvplzQG3mPVMihFjG97gEf6hGQnnkVtsed6 /cKrDiqkExdcAiUd7wluxFj6Piu6ssK1+GxqKHixIJa2NASw+QFTjcLjlAcOgc7J MjMJsg/v3e+oMFl12ewPEYXr2MtbrnsF+9cl1i6n0GuRq/a1wQc1cHQEdENmFqhU Od44xT/ByD5Fe687dZdbNOXLA5bgvK+u/VJ+EpZDJsJwH4jwzwvAoEWHO3bqdjnB AuhSDLF2rkKThlhkv6w5foSd4YbaNZZzhWJe10K5DiSB8Z9ZDw17FDZIs5W/zWzu yf32L7OBPnLFzQZyFQovyxAXgzkgTsxOhKQE7YEn6P0136RARX0EB6Prg82jMWg8 +wfRKr3opQziRCDq2x4U =pjOS -----END PGP SIGNATURE----- --MW5yreqqjyrRcusr--