gpg4win expired code signing cert; please renew.
Werner Koch
wk at gnupg.org
Sun Oct 19 19:47:24 CEST 2025
On Fri, 17 Oct 2025 22:06, Ingo Klöcker said:
> certificate published at
> https://gpg4win.org/package-integrity.html
> has expired. That's correct. Werner should update the list of gpg4win code
Actually I was not aware that someone(tm) put the X.509 certificate
details for AuthentiCode there. I see no real need in this because the
PKI should guarantee that this is a valid one. We use Authenticode only
because Microsoft demands that and some sites only allow running
programs with Authenticode signatures. For package integrity we use
*PGP signatures.
Salam-Shalom,
Werner
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 284 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20251019/f0a43edf/attachment.sig>
More information about the Gnupg-users
mailing list