[bisq-network/bisq] Investigate signing Windows and macOS binary executables (#1952)
Devin Bileck
notifications at github.com
Fri Dec 28 03:06:16 UTC 2018
Since Bisq is a decentralized project and team, there is no official business entity to register and sign the code signatures as required by certificate authorities.
Potentially a single trusted contributor could register and manage the code signing, likely as a bonded role.
However, Bitcoin Core has implemented code signing by having some core developers create an association with the single purpose of registering for code signing certificates. To quote their website (https://bitcoincorecodesigning.org/):
> Bitcoin Core signs its Windows and macOS binaries with code signing certificates. Those certificates either need to be bound to an individual or a company organization. Bitcoin Core is purely an open source project and has no legal entity, thus, some of the Core Developers have founded an association with the single purpose of registering for code signing certificates.
So Bisq could potentially follow suit and create an association just for the purpose of registering for code signing certificates. This approach would likely still require a bonded role for all those involved.
@ManfredKarrer @cbeams @ripcurlx Do you have any comments or suggestions on which approach and whether to proceed?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/bisq/issues/1952#issuecomment-450279469
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bisq.network/pipermail/bisq-github/attachments/20181227/091eec77/attachment.html>
More information about the bisq-github
mailing list