www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jürgen Schmidt <jogischm...@gmail.com>
Subject Re: Official code signing certificate
Date Thu, 21 Mar 2013 07:53:29 GMT
On 3/20/13 9:37 PM, Daniel Shahaf wrote:
> So, basically:
> - project maintains a build script
>   (does checkout, build, and prepares end-user-facing package; doesn't
>    run unit/regression tests)

running unit/regression tests is not directly related to this. But it's
definitely a goal for AOO to run the automated tests with any build in
the future.

> - the script uses as input a certificate that only root@ has access to
> - root@ runs the script (against a specific tag and revision in svn) and
>   publishes the results

that is one way to handle it and from a security perspective the most
secure one. But I would root describe to only a very small group of
people with root access on the dedicated machine. This really depends on
what infra prefers and other options can be also possible.

> So... what kind of certificate is that?  How much does it cost, what
> kind of year to year maintenance it requires, etc.

for windows it is a
"Code Signing Certificates for Microsoft Authenticode
Digitally sign 32-bit or 64-bit user-mode (.exe, .cab, .dll, .ocx, .msi,
.xpi, and .xap files) and kernel-mode software. Provider for Microsoft
Windows Logo programs."

see [1] and [2]

[1] http://www.symantec.com/verisign/code-signing/microsoft-authenticode
[2] overview http://www.symantec.com/code-signing

I found a price by Symantec of 499$/year (reduced prices for 2 or 3
years) but there was already an opportunity that we can find a sponsor,
potentially a provider of such certificates.


> Jürgen Schmidt wrote on Wed, Mar 20, 2013 at 10:28:23 +0100:
>> Hi,
>> I reused this existing thread to restart the discussion about official
>> code signing. In case of AOO we are moving towards our next major
>> release AOO 4.0 which is planned for end if June. With over 40 million
>> downloads in less than 1 year and most of them for Windows this topic is
>> still very important for the project to provide the best user experience
>> and the necessary trust in the product on modern Windows Systems like
>> Windows 8.
>> On http://wiki.apache.org/general/ASFCodeSigning#preview I started to
>> collect requirements and describe also the existing solution in AOO
>> today and how it can be used in a more general approach.
>> The proposal is only one example but I think a practical one when I take
>> all the security concerns into account. But of course it probably
>> requires interaction with the trusted paid staff members.
>> I hope we can move this important topic forward and can find a
>> satisfying solution for all ASF projects who need code signing.
>> Juergen

View raw message