I was wondering can I get an answer on this On Sat, Jul 22, 2017 at 2:25 AM, Guitar Hero <guitarhero...@gmail.com> wrote:
> On Thu, Jul 20, 2017 at 6:00 PM, kmx <k...@atlas.cz> wrote: > >> Strawberry Perl 5.24.2.1 is available at http://strawberryperl.com >> > > > How come you don't sign the installer? I understand from 2 years ago if > you can't use the Microsoft way but can't you use a gpg sig or something > like that? Also the installers are not available via HTTPS. I don't want to > be subject to a MITM attack when I download the installer and also I want > to be sure it's actually from you. The integrity of these files is very > important for me they are going to be installed on some important systems. > > These are the hashes I have, they match what is on the website. Can you > please confirm if they are correct: > e59ac8f708a621a52857cfc7477cdef19fe1aae9 *strawberry-perl-5.24.2.1- > 32bit.msi > e335e59ec61d3b13de392a43dc6fa3db88b56fec *strawberry-perl-5.24.2.1- > 64bit.msi > > >