On Thu, 17 Aug 2017, Albert Astals Cid wrote: > El dimecres, 16 d’agost de 2017, a les 11:40:33 CEST, Boudewijn Rempt va > escriure: > > Here's yet another topic: for the past year, I've been signing Krita > > for Windows with a certificate from certum.eu. These certificates are > > personal, so krita gets signed by "open source developer boudewijn rempt". > > > > That's not ideal, > > What is the downside? > > I mean does "open source developer boudewijn rempt" show up somewhere in the > UI?
Yes, it's what windows shows when installing the application. > > I'm not saying we shouldn't have a KDE wide key, just wanting to know why we > want it :) > KDE already conveys trust, and having KDE as the authority that says "this installer can be trusted", it can grow trust in KDE. -- Boudewijn Rempt | http://www.krita.org, http://www.valdyas.org