* How do I verify the integrity of the setup.exe binary?
@ 2011-08-22 17:38 Kasper Dupont
0 siblings, 0 replies; only message in thread
From: Kasper Dupont @ 2011-08-22 17:38 UTC (permalink / raw)
To: cygwin
I wanted to install Cygwin on one machine, but I got stuck
trying to figure out how to verify the integrity of the
downloaded setup.exe binary.
The documentation points at a signature file and public key
file hosted on the same webserver as setup.exe. Thus those
could be tampered with just as easily as setup.exe itself.
If I knew how to get the public key from a secure source, I
know how to use gpg to validate the signature. I would have
expected the public key to be available over https as well,
but I wasn't able to find it anywhere.
I looked through the FAQ, but this question did not appear
to have been addressed there.
--
Kasper Dupont -- Rigtige mænd skriver deres egne backupprogrammer
#define _(_)"d.%.4s%."_"2s" /* This is my email address */
char*_="@2kaspner"_()"%03"_("4s%.")"t\n";printf(_+11,_+6,_,11,_+2,_+7,_+6);
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2011-08-22 17:38 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-08-22 17:38 How do I verify the integrity of the setup.exe binary? Kasper Dupont
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).