[Issue 16065] Provide digitally signed binaries for Windows
via Digitalmars-d-bugs
digitalmars-d-bugs at puremagic.com
Wed Jun 8 05:25:50 PDT 2016
https://issues.dlang.org/show_bug.cgi?id=16065
--- Comment #6 from Sobirari Muhomori <dfj1esp02 at sneakemail.com> ---
(In reply to James King from comment #5)
> To add to that, PGP signatures must also be delivered over HTTPS
AFAIK, they can be delivered over HTTP just fine. It's a key property of a
digital signature that it can't be realistically forged because of math behind
cryptography.
> and even then, again, the
> only barrier to supplying a bad binary is to gain access to the web server.
The signature doesn't prevent supplying a bad binary from the web server. It
prevents running the bad binary if the user checks the signature and pays
attention to the failed check and decides to not run it.
--
More information about the Digitalmars-d-bugs
mailing list