Code signing certificate for KDE?
Albert Astals Cid
aacid at kde.org
Thu Aug 17 22:16:23 BST 2017
El dijous, 17 d’agost de 2017, a les 22:57:47 CEST, Boudewijn Rempt va
escriure:
> On Thu, 17 Aug 2017, Albert Astals Cid wrote:
> > El dimecres, 16 d’agost de 2017, a les 11:40:33 CEST, Boudewijn Rempt va
> >
> > escriure:
> > > Here's yet another topic: for the past year, I've been signing Krita
> > > for Windows with a certificate from certum.eu. These certificates are
> > > personal, so krita gets signed by "open source developer boudewijn
> > > rempt".
> > >
> > > That's not ideal,
> >
> > What is the downside?
> >
> > I mean does "open source developer boudewijn rempt" show up somewhere in
> > the UI?
>
> Yes, it's what windows shows when installing the application.
Ok, then i guess yes, we should get one.
What kind of certificate is needed?
Cheers,
Albert
>
> > I'm not saying we shouldn't have a KDE wide key, just wanting to know why
> > we want it :)
>
> KDE already conveys trust, and having KDE as the authority that says "this
> installer can be trusted", it can grow trust in KDE.
More information about the kde-community
mailing list