Return-Path: X-Original-To: apmail-infrastructure-dev-archive@minotaur.apache.org Delivered-To: apmail-infrastructure-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 0906D9F73 for ; Mon, 25 Jun 2012 22:27:45 +0000 (UTC) Received: (qmail 82622 invoked by uid 500); 25 Jun 2012 22:27:44 -0000 Delivered-To: apmail-infrastructure-dev-archive@apache.org Received: (qmail 82461 invoked by uid 500); 25 Jun 2012 22:27:44 -0000 Mailing-List: contact infrastructure-dev-help@apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: infrastructure-dev@apache.org Delivered-To: mailing list infrastructure-dev@apache.org Received: (qmail 82450 invoked by uid 99); 25 Jun 2012 22:27:44 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 25 Jun 2012 22:27:44 +0000 X-ASF-Spam-Status: No, hits=0.7 required=10 tests=RCVD_IN_DNSWL_NONE,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [173.201.192.108] (HELO p3plsmtpa06-07.prod.phx3.secureserver.net) (173.201.192.108) by apache.org (qpsmtpd/0.29) with SMTP; Mon, 25 Jun 2012 22:27:38 +0000 Received: (qmail 29457 invoked from network); 25 Jun 2012 22:27:16 -0000 Received: from unknown (76.252.112.72) by p3plsmtpa06-07.prod.phx3.secureserver.net (173.201.192.108) with ESMTP; 25 Jun 2012 22:27:16 -0000 Message-ID: <4FE8E5D5.9090403@rowe-clan.net> Date: Mon, 25 Jun 2012 17:27:33 -0500 From: "William A. Rowe Jr." User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20120614 Thunderbird/13.0.1 MIME-Version: 1.0 To: infrastructure-dev@apache.org Subject: Re: Official code signing certificate References: In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org On 6/23/2012 4:40 PM, Sam Ruby wrote: > On Sat, Jun 23, 2012 at 5:33 PM, William A Rowe Jr wrote: >> >> If we now have 5-7 projects looking for code signing, I'd suggest it is time >> for Sam as VP infra, or his delegate, to re-approach the Symantec team and >> find out the terms and conditions on their code signing service and the >> cost. Have a couple infra team members act as admins. As I may be signing >> objects I would prefer not to also be an admin, but would serve if pressed. > > I've already stated that I'm willing to authorize the purchase of an > ASF certificate should we need one. Reiterating two options; 1. Obtain an ASF code signing organization cert. Build a service to automate the submission for signing in an audit-able and automated manner. Unsigned blobs from svn in, signed blobs committed back to subversion for the project to then package or deploy. Complete transparency over who submitted what binary bits. A malicious or unintentionally viral package signature cannot be withdrawn. We have an offer for such a cert, free, from Symantec. 2. Sign up for the Symantec Code Signing service. Several current infra root folks gain admin rights to create accounts for release managers. RM's send up unsigned bits, get back signed bits. Each binary has it's own unique cert which can be later invalidated due to malicious or unintentionally viral package contents. We have an offer for such a service, free, from Symantec. Reinventing the wheel seems so foolish now that Symantec went from initially discussing prices for option 2 to telling us we would be invited to use that service for free. Bill