Code signing certificate for KDE?

[Boudewijn Rempt]

On Wed, 16 Aug 2017, Gilles Caulier wrote:

> Hi,
> 
> Same problem for digiKam Windows installer.
> 
> But this question is not only about Windows, but MacOS PKG also need
> to be signed. So the problem is more generic and a global solution
> need to be found here for KDE applications packaged for windows and
> MacOS.

Right now, I'm not concerned that much about OSX. One thing at a time.

> Note : in the future, to improve security, Microsoft and Apple will
> certainly promote application store for desktop application
> installation, instead stand alone solutions.

For Windows Store applications code signing certificates aren't used.
They check the developer directly (which is why it's so nice that they
have a program to help open source projects get into the store, that
cuts through a lot of red tape).

> 
> Gilles Caulier
> 
> 2017-08-16 11:40 GMT+02:00 Boudewijn Rempt <boud at valdyas.org>:
> > Here's yet another topic: for the past year, I've been signing Krita
> > for Windows with a certificate from certum.eu. These certificates are
> > personal, so krita gets signed by "open source developer boudewijn rempt".
> >
> > That's not ideal, and besides, there are other projects publishing
> > binaries for Windows, like kate and kdevelop and kdenlive. I am wondering
> > whether it would be possible to get a proper KDE code signing certificate
> > and manage that somehow, then use that sign all our windows releases.
> >
> > I'd of course chip in with the costs of that, since organization certificates
> > tend to be quite expensive, but the main thing is, we need way to sign
> > the binaries in a trusted way. I have no real idea other than having an
> > official "signing volunteer" or something like that.
> >
> > --
> > Boudewijn Rempt | http://www.krita.org, http://www.valdyas.org
> 

-- 
Boudewijn Rempt | http://www.krita.org, http://www.valdyas.org