Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Feature Request: Sign Windows binaries #376

Closed
TomSellers opened this Issue May 11, 2016 · 2 comments

Comments

Projects
None yet
3 participants

The intent of this issue is to start the discussions needed to determine if all of the official Windows installer and executable binaries can be signed. Signed Windows binaries would help ensure that the binaries are official and have not been modified. It would also improve acceptance in environments where application white-listing is deployed.

In the environment that I am responsible for the barrier for approval for unsigned files is significantly higher than that for signed code.

Related Issues:
#94 Sign the OS X installer
#136 Create EV-signed Npcap compatible with Windows 10

CC @bonsaiviking @fyodor

Member

hsluoyz commented May 12, 2016

Hi @TomSellers,

I'm not quite sure about the OS X case, but for Npcap, all binaries are already signed, although not using an EV certificate. The current situation is not the best but enough to use.

We are not using an EV certificate primarily because it needs a hardware key when do the signing. And it's difficult for all Nmap products to use the key at the same time, since the developers are located at different places.

Or have you encountered any difference between a normal cert and an EV cert?

Cheers,
Yang

@dmiller-nmap dmiller-nmap modified the milestones: Release blockers, Release 2016-A, 7.10 release Jun 16, 2016

We did this starting with Nmap 7.25BETA2!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment