[tech] Signing builds

Kévin lists at gph.dk
Sat Jan 16 02:00:23 GMT 2021

15 janv. 2021 à 02:59 de mansfield at ondollo.com:

> Good evening!
Hello !

> Another solution: Pay the yearly fee, sign the builds, avoid the warnings. (I'm also not sure how the certificate will verify I'm trustworthy when I'm not so certain I want any personally identifiable information to be shared with whoever will be running me through whatever process - I dream of something simple like a dns cname record to prove ownership and the cert then saying the builds were produced by the owner of the domain... or something...).
> Thoughts?
Perhaps it might be worth setting up a little collective for Windows Gemini devs and purchase a signing cert as a group for group members clients / servers.  It'll be a bit cheaper en masse and make it easier for newer Geminautes on Windows to dive in without Windows trying to stomp on their day because coin wasn't paid to Micro$oft.

I'm not saying play the system, but you know, sometimes you just got to improvise the rules :D


More information about the Gemini mailing list