[gnutls-help] Windows binaries security/checksum
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Aug 29 11:35:39 CEST 2017
On Mon, 2017-08-28 at 12:11 -0700, Gregory Sloop wrote:
> Nikos...
>
> Is it possible to generate checksums for the Windows binaries so we
> can verify downloads have not been tampered with?
> [This seems like the easiest/least-hassle option I can think of.]
> SHA-256 I suppose?
> I'd probably want checksums anyway - but with a non secure FTP it
> worries me quite a lot more...
Hi,
I'd like to stop distributing these binaries on ftp and switch to
linking directly to the binaries generated during the CI run. For
example:
https://gitlab.com/gnutls/gnutls/builds/artifacts/gnutls_3_6_0_1/download?job=MinGW64/DLLs
https://gitlab.com/gnutls/gnutls/builds/artifacts/gnutls_3_6_0_1/download?job=MinGW32/DLLs
That would not address signing the binaries (couldn't really do as
gitlab runners are not under our full control), but would provide the
binaries over https, and would automate the process allowing to access
the binaries of a release without delay, and without requiring manual
generation.
regards,
Nikos
More information about the Gnutls-help
mailing list