Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Adopt standard code signing in favor of DSA signing #48

Closed
andymatuschak opened this Issue Oct 23, 2011 · 3 comments

Comments

Projects
None yet
1 participant
Contributor

andymatuschak commented Oct 23, 2011

**Andy Matuschak (andymatuschak)* reported (on Launchpad) on' 2008-06-29:*

We should use code signing for 10.5+ applications; it's in the system,
and this way, devs who already sign their apps won't have to do double
duty.

Contributor

andymatuschak commented Oct 23, 2011

**Andy Matuschak (andymatuschak)* wrote on 2008-08-17:*

We should investigate the use of CDSA for 10.4 compatibility:
http://developer.apple.com/security/cdsaopenssl.html

Contributor

andymatuschak commented Oct 23, 2011

**James W. Walker (jw-jwwalker)* wrote on 2008-08-17:*

When I looked at the code signing stuff, I didn't see any public API to
verify a signature, only a command line tool. That might be less
convenient for Sparkle.

Contributor

andymatuschak commented Oct 23, 2011

**Hofman (cmhofman)* wrote on 2008-09-15:*

I don't think a command line tool would be a problem, it's easy to run
it using NSTask.

The initial reason that code signers don't have to do double work is not
true, because what should be signed is the downloaded archive/disk
image/package, not the bundle (an installer can be just as malicious, if
not more so, than an app).

@vslavik vslavik referenced this issue in vslavik/winsparkle May 27, 2014

Open

Add support for DSA signed updates #23

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment