firebird icon indicating copy to clipboard operation
firebird copied to clipboard
verified publisher icon FirebirdSQL

BUILDS: Provide digital signing on installation kits [CORE5996]

Open firebird-automations opened this issue 6 years ago • 1 comments

Submitted by: @helebor

John Frankland in firebird-devel and several other forums: > What is the practice regarding digital signing of Firebird executables and installers etc.? > Some releases have been signed with a "Firebird Inc" certificate in the past but it seems signing is not always done. > Can signing be adopted as a policy?

Alex Peshkov in firebird-devel: It's really funny. Sha256 checksums are provided for snapshot builds but not for releases.

Sean Leyne in firebird-devel: SHA hashes are fine to validate downloads, but they are not the same as signing the install kits/executable.

Windows has increasingly made it difficult to install and/or run non-signed kits/executables.

firebird-automations avatar Jan 31 '19 20:01 firebird-automations

Are there any plans to address this? macOS too really discourages installation of unsigned applications.

hmoffatt avatar May 24 '24 13:05 hmoffatt