| Subject: | Can you sign the releases using gpg or something |
| Date: | Sat, 12 Mar 2016 04:47:23 +0000 (UTC) |
| To: | "bug-Perl-Dist-Strawberry [...] rt.cpan.org" <bug-Perl-Dist-Strawberry [...] rt.cpan.org> |
| From: | Ray Satiro <raysatiro [...] yahoo.com> |
Hi and thank you for your software. I notice digital signatures are not in use and I recall that is due to some problem with the authenticode signing certificate that could not be resolved. Wouldn't it be possible to just use gpg to make a signing key and then sign each installer and generate a sig file, and then a user like me can use that to verify? Thanks