couchdb-marketing mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joan Touzet <jo...@lrtw.org>
Subject Code-signing binary releases?
Date Mon, 06 Oct 2014 23:00:20 GMT
Presented with no bias on my part, but it showed up in my inbox:

https://blogs.apache.org/infra/entry/code_signing_service_now_available

Do we care to use something like this for our Windows binary builds?
Or are we happy enough to just publish a Windows binary with a checksum?
I can see the advantage in signing Windows binaries here.

If we add Java or Android components in the future, this could extend to
signing those binaries as well. I am sufficiently naive about those
environments to not know whether there exist better, freer, more open
alternatives that would suffice.

What is the process for signing things that end up in the OSX App Store?
Would we want to try and get CouchDB in there, or just stick with brew?

-Joan

Mime
View raw message