On Tue, Dec 9, 2014 at 5:19 PM, Dennis E. Hamilton <[email protected]> wrote: > +1 (non-binding [;<) on PMC approval of any slip-stream. > > I don't understand why full rebuilds are required. The only crucial file > that needs signing is the .exe that is downloaded and extracts the actual > setup files. All it does is extract a number of fixed files and then run the > extracted setup.exe. >
We found this out when we took AOO through the Windows 8 certification testing tool. They have something new called "kernel-mode code signing" where they check each exe, dll, sys , etc., for a digital signature at load time. So certification requires we sign any executable code and then do it for the outermost installer as well. Of course, nothing requires that we go for certification. I bet if we just signed the outermost installer it would be satisfy earlier versions of Windows, antivirus apps and browsers that are doing this kind of check. So it might be worth doing just this minimum initially. Regards, -Rob > If a signed version of that .exe can be created, using the existing setups > delivered with the current 4.1.1 .exe files, there is nothing else to do. It > has to be done once for each language, but that's it. No full rebuilds, no > new dates on files. The extracted setups would be binary identical to each > of the current ones for 4.1.1, so it is easy to verify that the signed .exe > does not deliver anything but the already reviewed installs. > > That might be unworkable, but it is definitely worth seeing if it is possible > rather than going through a full-up set of build processes. > > - Dennis > > PS: Rob's analysis is very useful to keep in mind as we look at other ways to > increase confidence in the AOO binaries and the AOO site as preferable for > those downloads. I think grabbing the low-hanging fruit and getting > something simple through the process is also desirable, especially since we > are starting from zero using the signing process. > > > -----Original Message----- > From: jan i [mailto:[email protected]] > Sent: Tuesday, December 9, 2014 08:29 > To: dev; Dennis Hamilton > Subject: Re: Signing AOO 4.1.1 (was RE: Budapest and thereafter) > > On 9 December 2014 at 16:26, Dennis E. Hamilton <[email protected]> > wrote: > >> Andrea, >> > [ ... ] >> (Or even sign the existing installer >> file, if it is in the proper format for inserting the information and >> signature.) That is, the .cab, .msi, and setup.exe would be completely >> unchanged. >> > No we need to rebuild (and for every language), because the last step in > the build process needs to be repeated, we cannot just patch the files. > > If we could move away from 1 install set pr language, the job would be > about 30 times faster :-) > > > > > AOO is special compared to most other projects, in that the majority of our > users use the binary package. As a consequence, I recommend a PMC vote, > even if its not strictly needed. > > [ ... ] > >> >> It would still have to be project-managed in the sense that all of the >> measures to preserve binary authenticity and provide accompanying binary >> release management internal to AOO should be followed. >> > [ ... ] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
