On Monday, 15 August 2016 at 17:05:32 UTC, Brad Anderson wrote:
With all of the issues people are having with Windows Defender
now would be a good time to start code signing the Windows
installer and binaries (doing this is the first thing Microsoft
suggests on their page for Software Developers about Windows
Defender false positives).
I propose the D Foundation acquire a code signing certificate
and we start using it for releases. Alternatively any well
known organization member could be the signer (having "The D
Foundation" on the popup sure would look nice though). I'd be
happy to put my money where my mouth is and chip in some of the
money to cover the certificate cost.
I've used StartSSL's code signing certificates successfully for
this purpose but I imagine any vendor will do. The biggest
hassle is certificate format conversion but once you've got the
certificate in the Windows certificate store signing is just a
command line call that can be easily scripted.
There is already an issue created for this here:
https://issues.dlang.org/show_bug.cgi?id=16065
Do you think that a certificate prevents an antivirus to scan an
executable ? I'm laughing out of loud here.
