Trac is being migrated to new services! Issues can be found in our new YouTrack instance and WIKI pages can be found on our website.

Changes between Version 11 and Version 12 of Are the packages signed


Ignore:
Timestamp:
Oct 31, 2018, 9:27:23 PM (5 years ago)
Author:
Eion Robb
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • Are the packages signed

    v11 v12  
    3434=== Windows Installers ===
    3535As of Pidgin 2.10.7, the various Windows binaries are signed in two ways.
    36  * the installers and `pidgin.exe` are signed using the [http://msdn.microsoft.com/en-us/library/ms537361(v=vs.85).aspx Microsoft Authenticode] signing mechanism by Daniel Atallah using a certificate with a thumbprint of one of the following:
    37   * Pidgin 2.11.0+: `d3ad05e6a0dd4b777829b84cf8e371181acd04a7`
     36 * the installers and `pidgin.exe` are signed using the [http://msdn.microsoft.com/en-us/library/ms537361(v=vs.85).aspx Microsoft Authenticode] signing mechanism by Daniel Atallah or Eion Robb using a certificate with a thumbprint of one of the following:
     37  * Pidgin 2.13.0+: `a8f1e30ca0a49e2d393a55c79715854490425503`
     38  * Pidgin 2.11.0 - 2.12.0: `d3ad05e6a0dd4b777829b84cf8e371181acd04a7`
    3839  * Pidgin 2.10.10 - 2.10.12: `45b37f151a113d5070036421370813b9fba5cb13`
    3940  * Pidgin 2.10.7 - 2.10.9: `C5476901C3C63FABF54CEBA9E3F887932A9579B5`
    40   * Note that since 2.10.10, these signatures use the SHA-256 algorithm, which Windows XP doesn't support (you can still use GPG to validate the package)
    41  * all distributed packages (installers, debug symbols, binary zip file, gtk bundle zip file) are signed with [http://www.gnupg.org/ GPG] by Daniel Atallah (`DE890574`).
     41  * Note that since 2.10.10, these signatures may use the SHA-256 algorithm, which Windows XP doesn't support (you can still use GPG to validate the package)
     42 * all distributed packages (installers, debug symbols, binary zip file, gtk bundle zip file) are signed with [http://www.gnupg.org/ GPG] by Daniel Atallah (`DE890574`) or Eion Robb (`BC6F79B6`).
    4243
    4344The authenticode signature can be verified most easily by using Windows Explorer to look at the Properties of the installer executable.
All information, including names and email addresses, entered onto this website or sent to mailing lists affiliated with this website will be public. Do not post confidential information, especially passwords!