chicagofan wrote:
Justin Wood (Callek) wrote:
Ant wrote:
Just curious. Why no code-signed releases? Is it because SeaMonkey is
not an official Mozilla product like Firefox and Thunderbird?
That was the primary reason up until this year, due to no legal entity
officially responsible for SeaMonkey, and with my non-employee status it
was hard to coerce legal/magic to get us a code-signing cert.
Within the last month or so, we *finally* have a code signing cert,
which is in my possession. As an employee of Mozilla Corp now, we were
able to shortcut one of the current legal hurdles while we try and prove
that Signing works, reliably, and get stuff handled.
Once that is done we can work on other legal aspects, as in who has
access to the cert (besides me -- if anyone), if [and where] we can host
a signing machine (like MoCo has for their infra) etc., right now it
will be up to me.
I was working this weekend on the ability to sign, as it is. We're not
quite ready yet, but as soon as we are I'll publish a
call-for-help/testing on signed binaries, (separately from the real
release at first)
Basic Things I'll need to test with this, include:
* Does English and at least 1 other locale have signed files properly?
[both installer and after-installed]
* Does updates from unsigned->signed work correctly
* Does updates from signed->signed work correctly
Part of this is also getting Mac binaries signed with an Apple keychain.
-- I have the key for that, but no knowledge on how/what to do yet [I
have docs, but I'm focusing on Authenticode/Windows signing right now --
one hurdle at a time]
- No hard ETA on any of it yet.
In case I haven't said it lately... thanks so much, Justin for
continuing to work on Seamonkey for all of us. It's still the best
there is in my book.
Barbara
Ditto!
--
Ed Mullen
http://edmullen.net/
Do people in France use American ticklers?
_______________________________________________
support-seamonkey mailing list
[email protected]
https://lists.mozilla.org/listinfo/support-seamonkey
