[scintilla:feature-requests] #1509 Digitally signed binaries

5 views
Skip to first unread message

Atanas

unread,
Dec 7, 2023, 10:28:21 AM12/7/23
to scintill...@googlegroups.com

[feature-requests:#1509] Digitally signed binaries

Status: open
Group: Initial
Created: Thu Dec 07, 2023 03:28 PM UTC by Atanas
Last Updated: Thu Dec 07, 2023 03:28 PM UTC
Owner: nobody

Hello,

my organization makes use of both the SciTE.exe and the scintilla.dll, lexilla.dll libraries.
However, the application security audits require 3rd party binaries to be digitally signed.
Is there a way to obtain these binaries with a trusted digital signature?

Kind regards,
Atanas

Sent from sourceforge.net because scintill...@googlegroups.com is subscribed to https://sourceforge.net/p/scintilla/feature-requests/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/scintilla/admin/feature-requests/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.

Neil Hodgson

unread,
Dec 7, 2023, 3:30:07 PM12/7/23
to scintill...@googlegroups.com
  • labels: --> scite, scintilla
  • Group: Initial --> Won't_Implement
  • Comment:

It costs money to purchase Windows code-signing digital certificates and the process of signing executables is complex and time consuming. Microsoft, unlike Apple, don't make this easy for open source projects.

[feature-requests:#1509] Digitally signed binaries

Status: open
Group: Won't_Implement
Labels: scite scintilla

Created: Thu Dec 07, 2023 03:28 PM UTC by Atanas
Last Updated: Thu Dec 07, 2023 03:28 PM UTC
Owner: nobody

Atanas

unread,
Dec 8, 2023, 3:30:39 AM12/8/23
to scintill...@googlegroups.com

Understandable. Thank you for the quick response!

[feature-requests:#1509] Digitally signed binaries

Status: open


Group: Won't_Implement
Labels: scite scintilla

Created: Thu Dec 07, 2023 03:28 PM UTC by Atanas

Last Updated: Thu Dec 07, 2023 08:29 PM UTC
Owner: nobody

José GONÇALVES

unread,
Feb 9, 2024, 7:26:11 AM2/9/24
to scintill...@googlegroups.com

With Certum, open source certificates are now 69 euro per year. The dongle was 105 euro including shipping (a few years ago).
https://shop.certum.eu/open-source-code-signing.html

[feature-requests:#1509] Digitally signed binaries

Status: open


Group: Won't_Implement
Labels: scite scintilla

Created: Thu Dec 07, 2023 03:28 PM UTC by Atanas

Last Updated: Fri Dec 08, 2023 08:30 AM UTC
Owner: nobody

Neil Hodgson

unread,
Feb 10, 2024, 8:14:09 PM2/10/24
to scintill...@googlegroups.com

If I read that correctly, I would have to physically visit an identity verification point, These are concentrated in Europe and there are none in Australia where I live.

[feature-requests:#1509] Digitally signed binaries

Status: open
Group: Won't_Implement
Labels: scite scintilla
Created: Thu Dec 07, 2023 03:28 PM UTC by Atanas

Last Updated: Fri Feb 09, 2024 12:26 PM UTC
Owner: nobody

Martijn Laan

unread,
Jun 19, 2024, 12:19:25 AM6/19/24
to scintill...@googlegroups.com

See https://www.support.certum.eu/en/required-documents/: they have two options actually. The first is what you're talking about but the second doesn't require you to make a physical visit. I just went through the process and it's quick and painless as long as you use a reliable email adress which has no chance of rejecting any of their messages.

Additionally I would recommend cloud signing. It's cheaper and also much more convenient if you ask me. See https://shop.certum.eu/open-source-code-signing-on-simplysign.html It does require you to install their 2FA app on a phone.

I've been using Certum for many years now to sign Inno Setup and I understand how annoying this whole concept is but to me it's now better than it was in a very long time and am also glad Cetrum supports open source in this way.

Let me know if you have questions.

[feature-requests:#1509] Digitally signed binaries

Status: open
Group: Won't_Implement
Labels: scite scintilla
Created: Thu Dec 07, 2023 03:28 PM UTC by Atanas

Last Updated: Sun Feb 11, 2024 01:14 AM UTC
Owner: nobody

Neil Hodgson

unread,
Feb 18, 2026, 5:37:36 PMFeb 18
to scintill...@googlegroups.com
  • Group: Won't_Implement --> Committed
  • Comment:

Have purchased a code signing certificate from Certum and will use this for future releases.

[feature-requests:#1509] Digitally signed binaries

Status: open
Group: Committed
Labels: scite scintilla

Created: Thu Dec 07, 2023 03:28 PM UTC by Atanas

Last Updated: Wed Jun 19, 2024 04:19 AM UTC
Owner: nobody

Neil Hodgson

unread,
Feb 24, 2026, 5:59:36 PM (13 days ago) Feb 24
to scintill...@googlegroups.com
  • status: open --> closed

[feature-requests:#1509] Digitally signed binaries

Status: closed


Group: Committed
Labels: scite scintilla

Created: Thu Dec 07, 2023 03:28 PM UTC by Atanas

Last Updated: Wed Feb 18, 2026 10:37 PM UTC
Owner: nobody

Reply all
Reply to author
Forward
0 new messages