To the OP, why doesn't your organization just download the source and build the binaries themselves? That will solve the "integrity validation of all software used in the build process" requirement. They can even sign the exes with their own certs. Open source FTW :)
-----Original Message----- From: Bob Arnson [mailto:b...@joyofsetup.com] Sent: 15 May 2011 02:00 To: wix-users@lists.sourceforge.net Subject: Re: [WiX-users] Integrity of WiX binaries On 09-May-11 12:56, John Robbins wrote: > WiX Team: My company will pay for the certificate. Let me know where > to send the check. Leave $60 in unmarked bills in the garbage can at the entrance to Mine Falls Park. Walk away slowly.<g> The biggest issue I see, aside from the work involved in keeping the cert reasonably secure and to integrate it into the build, is that there's no "WixCo" to issue a cert to. Rob could get a personal cert but I know I'd want to treat it with a lot more care than checking it in to source control. -- sig://boB http://joyofsetup.com/ ------------------------------------------------------------------------ ------ Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users ------------------------------------------------------------------------------ Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
