Digitally sign or hash WiX binaries

[wixbot]

Due to the highly security-sensitive nature of the environments in which WiX runs, the WiX installer MSI and binaries should be digitally signed using a code signing certificate registered to an authoritative person or entity. This is the preferred means of insuring code integrity because it can be programmatically checked by Windows. Alternatively, hashes (MD5 and SHA-1) of the binaries could be posted to a WiX mailing list by an authoritative person. Posting hashes to a mailing list is preferred over posting hashes to a web server because an attacker able to substitute a malicious installer or binaries would be unable to replace the hashes once mailed. However, to emphasize, code signing is preferred.

Originally opened by lambdareveal from http://sourceforge.net/p/wix/feature-requests/639/

[wixbot]

Originally changed by barnson
AssignedTo set to robmen
Release set to v3.8

[wixbot]

We are now digitally signing the bundle which will vouch for all the other installed files.

Originally posted by robmen
Area set to installer
Resolution set to fixed
Status changed from Open to Resolved