I was wondering can I get an answer on this

On Sat, Jul 22, 2017 at 2:25 AM, Guitar Hero <guitarhero...@gmail.com>
wrote:

> On Thu, Jul 20, 2017 at 6:00 PM, kmx <k...@atlas.cz> wrote:
>
>> Strawberry Perl 5.24.2.1 is available at http://strawberryperl.com
>>
>
>
> How come you don't sign the installer? I understand from 2 years ago if
> you can't use the Microsoft way but can't you use a gpg sig or something
> like that? Also the installers are not available via HTTPS. I don't want to
> be subject to a MITM attack when I download the installer and also I want
> to be sure it's actually from you. The integrity of these files is very
> important for me they are going to be installed on some important systems.
>
> These are the hashes I have, they match what is on the website. Can you
> please confirm if they are correct:
> e59ac8f708a621a52857cfc7477cdef19fe1aae9 *strawberry-perl-5.24.2.1-
> 32bit.msi
> e335e59ec61d3b13de392a43dc6fa3db88b56fec *strawberry-perl-5.24.2.1-
> 64bit.msi
>
>
>

Reply via email to