tibold / svg-explorer-extension

Extension module for Windows Explorer to render SVG thumbnails, so that you can have an overview of your SVG files

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Certificate revoked

Akababa opened this issue · comments

image

It's blocked by windows UAC -- is this still safe?

thanks @Akababa. I added the unsigned binary install programs to the Github releases: https://github.com/maphew/svg-explorer-extension/releases/tag/v0.1.1

Closing this, though resolving #27 and/or #28 will be the real fix (generating new install binaries from current code base).

Perhaps you want to offer some more details as to why the certificate was revoked. A certificate revocation on a code signing certificate is a serious event. Telling people to just move to an unsigned version doesn't address concerns over, say, why the certificate was revoked in the first place.

I would recommend Certum. They offer open source code signing certificates for €25, which is the cheapest I know about. Unfortunately, I don't know of any more free code signing certificates for open source developers.

From what I can tell, CodeNotary is a side-channel software verification system that doesn't interface with the Windows installer. How much you have to pay for it no one can actually see, because they are careful not to say anywhere how much you have to pay until after you sign up for the "free 30 day trial". It looks like they have a community edition which is free to use, but I can't verify that with them. Yet another company who thinks that "blockchain" will attract investors. If you are going to force your users to install something to verify your signatures, why not get them to add hash-checking to their context menu? That then will work for all open source projects and not just the ones who use codenotary.