On Mon, Jan 2, 2012 at 10:28 PM, Philip Taron <[email protected]> wrote: > I'm talking about Authenticode signing, where the binary contains > signing and repudiation information. [...] > My main reason for desiring this is summed up here: > http://www.hanselman.com/blog/UsingCodeSigningCertificatesToSignDownloadedMSIsAndBuildReputationWithIE9SmartScreen.aspx > > Here's examples of the differences between signed and unsigned > binaries: http://imgur.com/a/7xJK0 (I used a recently downloaded > version of Firefox as an example.)
This is a Microsoft scare tactic, there's no reason not to trust software if you are confident of where you got it. You can eat food from state certified restaurants and get sick, or eat at a neighbor's house and feel great. (I'd even argue the latter is safer.) So I'd love to see the point made using Free Software and not requiring license fees or key hosting by whatever corporation. (Unless the case is being made that only state sponsored food should be allowed.) > Cream distro -- well, that one suffers from the same problem. I'd > prefer to use the vim.org/Bram build of Vim if I can, since I can be > sure it is fully up to date and doesn't have janky personal > customizations and patches. You obviously don't get the point of Free Software. :) > Why does it take funds? Because not everyone can be a certificate > authority. There is a chain of trust that originates in the set of > root certificates installed on everyone's machines, and self-signed > certs must be manually added on every machine that wants to trust > that author is who he or she claims they are. It only takes funds because the crooks that are trying to scare everyone into a fully sponsored "security solutions" need money to survive. -- Steve Hall [ digitect dancingpaper com ] -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php
