Hey there. I know you provide OpenPGP signatures for verification (which is good, and should be kept), but would it perhaps make sense to have setup.exe signed (in the sense of: by some MS trusted certificate) and/or in the MS store (though I guess that might not be possible with their policy)?
Regards, Philippe. -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
