Code signing certificate for KDE?
Boudewijn Rempt
boud at valdyas.org
Thu Aug 17 21:57:47 BST 2017
On Thu, 17 Aug 2017, Albert Astals Cid wrote:
> El dimecres, 16 d’agost de 2017, a les 11:40:33 CEST, Boudewijn Rempt va
> escriure:
> > Here's yet another topic: for the past year, I've been signing Krita
> > for Windows with a certificate from certum.eu. These certificates are
> > personal, so krita gets signed by "open source developer boudewijn rempt".
> >
> > That's not ideal,
>
> What is the downside?
>
> I mean does "open source developer boudewijn rempt" show up somewhere in the
> UI?
Yes, it's what windows shows when installing the application.
>
> I'm not saying we shouldn't have a KDE wide key, just wanting to know why we
> want it :)
>
KDE already conveys trust, and having KDE as the authority that says "this
installer can be trusted", it can grow trust in KDE.
--
Boudewijn Rempt | http://www.krita.org, http://www.valdyas.org
More information about the kde-community
mailing list