feature: use minisign to sign binaries #21543

@holiman

From Thomas Ptacek (https://latacora.singles/2019/07/16/the-pgp-problem.html):

Signing Packages

Use Signify/Minisign. Ted Unangst will tell you all about it. It’s what OpenBSD uses to sign packages. It’s extremely simple and uses modern signing. Minisign, from Frank Denis, the libsodium guy, brings the same design to Windows and macOS; it has bindings for Go, Rust, Python, Javascript, and .NET; it’s even compatible with Signify.

About minisign: https://jedisct1.github.io/minisign/

Minisign is compatible with signify, used by OpenBSD.

The todos would be:

  • Make some dummy key and make available to builders
  • Make the builders generate the signature file, based off the dummy key
  • Swap to a real key, publish pub sig on download page
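
The builder and downloader sides of the todo list above, as an added example that is not go-ethereum's or minisign's own code: a dummy key signs a release blob into a minisign-layout signature file, and the verifier checks the algorithm tag, the key ID, the file signature and the signature over the trusted comment. The seed, key ID, file name and payload are constructed; only the legacy non-prehashed "Ed" tag is handled, and the prehashed "ED" tag, which needs BLAKE2b from outside the Go standard library, is rejected.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

var b64 = base64.StdEncoding
var dummyKey = ed25519.NewKeyFromSeed(bytes.Repeat([]byte{7}, 32)) // constructed seed, test use only

// Sign (builder side) returns the public key line and a minisign-layout signature file.
func Sign(priv ed25519.PrivateKey, id [8]byte, data []byte, trusted string) (string, string) {
	hdr := append([]byte("Ed"), id[:]...) // algorithm tag + key ID
	sig := ed25519.Sign(priv, data)
	global := ed25519.Sign(priv, append(append([]byte{}, sig...), trusted...))
	pub := b64.EncodeToString(append(append([]byte{}, hdr...), priv.Public().(ed25519.PublicKey)...))
	return pub, "untrusted comment: constructed example\n" + b64.EncodeToString(append(hdr, sig...)) +
		"\ntrusted comment: " + trusted + "\n" + b64.EncodeToString(global) + "\n"
}

// Verify (downloader side) returns the trusted comment only if both signatures check out.
func Verify(pubLine, sigFile string, data []byte) (string, error) {
	lines := strings.Split(strings.TrimSpace(sigFile), "\n")
	if len(lines) != 4 || !strings.HasPrefix(lines[2], "trusted comment: ") {
		return "", errors.New("malformed signature file")
	}
	pk, e1 := b64.DecodeString(strings.TrimSpace(pubLine))
	blob, e2 := b64.DecodeString(lines[1])
	global, e3 := b64.DecodeString(lines[3])
	if e1 != nil || e2 != nil || e3 != nil || len(pk) != 42 || len(blob) != 74 || len(global) != 64 {
		return "", errors.New("malformed key or signature encoding")
	}
	if string(pk[:2]) != "Ed" || string(blob[:2]) != "Ed" || !bytes.Equal(pk[2:10], blob[2:10]) {
		return "", errors.New("unsupported algorithm or key ID mismatch")
	}
	pub, sig, trusted := ed25519.PublicKey(pk[10:]), blob[10:], strings.TrimPrefix(lines[2], "trusted comment: ")
	if !ed25519.Verify(pub, data, sig) || !ed25519.Verify(pub, append(append([]byte{}, sig...), trusted...), global) {
		return "", errors.New("signature invalid")
	}
	return trusted, nil
}

func main() {
	pub, sig := Sign(dummyKey, [8]byte{1, 2, 3, 4, 5, 6, 7, 8}, []byte("release bytes"), "file:example.tar.gz")
	fmt.Println(Verify(pub, sig, []byte("release bytes")))
}
```

Swapping to the real key changes only the public key line handed to `Verify`; a signature made with the dummy key then fails verification.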