View Issue Details

ID: 0001377
Project: OpenMPT
Category: General
View Status: public
Last Update: 2021-12-04 19:40
Reporter: ASIKWUSpulse
Assigned To: Saga Musix
Priority: low
Severity: minor
Reproducibility: always
Status: resolved
Resolution: fixed
Platform: All
OS: Windows
OS Version: 10
Target Version: OpenMPT 1.29.15.00 / libopenmpt 0.5.14 (upgrade first)
Fixed in Version: OpenMPT 1.29.15.00 / libopenmpt 0.5.14 (upgrade first)
Summary: 0001377: Making OpenMPT signed software
Description

With each update Windows 10 brings, it keeps adding small automations to "make Microsoft have more control over their OS and improving protection" and its SmartScreen feature is no exception. I personally feel it has made the UAC more aggressive, since when you launch the installer nowadays, you get this window where the "Run anyway" has become hidden. And if it takes another step in this direction, it will be obvious that Microsoft's about to kill unverified software roaming around free today on their OS.

How hard is software signing? I've seen that some other open source software like Notepad++ is signed.

Tags: No tags attached.
Has the bug occurred in previous versions?
Tested code revision (in case you know it)

Relationships

related to 0001011 (resolved, manx): Automatic update

Activities

manx

2020-10-08 09:35

administrator   ~0004464

See further discussion in 0001011.

Saga Musix

2020-10-08 09:37

administrator   ~0004465

It's not hard, but expensive. You need to send out all sorts of legal documents to prove your identity to shady companies and that's not really something I want to do, and it costs a non-trivial amount of money that I think is better spent otherwise.
Most of the pain will go away with automatic updates (0001011) though, so you will only see the UAC prompt on first installation.

manx

2020-10-08 09:40

administrator   ~0004466

Also, in the current situation, signing is actually infeasible for automated builds because we are building on at least 6 hosts for Windows, which are controlled by 2 different people and 1 unrelated organization (AppVeyor). A single signature certificate cannot be distributed to various hosts without defeating its very purpose.
The signature scheme used for the new automated updates uses a different certificate for each build host, which avoids the security problems with certificate sharing. However, doing that for CA-signed code signing certificates would increase the costs even further.
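
An added illustration of the per-host key arrangement described in this note (not part of the original thread and not OpenMPT's update code): each build host signs with its own key, so a verifier can drop one host's key without affecting releases from the others. Ed25519, the host names and all type and function names are assumptions made for this example; the page does not state which algorithm the update scheme uses.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// TrustStore maps a build host name to that host's own public key (names are hypothetical).
type TrustStore map[string]ed25519.PublicKey

// Release is an update payload together with the host that claims to have built it.
type Release struct {
	Host      string
	Payload   []byte
	Signature []byte
}

var ErrUnknownHost = errors.New("signing host is not trusted")
var ErrBadSignature = errors.New("signature does not match host key")

// Verify accepts a release only if the named host is still trusted and
// the signature verifies under that host's key, never under another's.
func (ts TrustStore) Verify(r Release) error {
	pub, ok := ts[r.Host]
	if !ok {
		return ErrUnknownHost
	}
	if !ed25519.Verify(pub, r.Payload, r.Signature) {
		return ErrBadSignature
	}
	return nil
}

// Demo signs one constructed payload on two hosts, revokes host-a, then checks three releases.
func Demo() (revoked, healthy, spoofed error) {
	pubA, privA, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	pubB, privB, _ := ed25519.GenerateKey(nil)
	ts := TrustStore{"host-a": pubA, "host-b": pubB}
	payload := []byte("constructed sample update payload")
	sigA, sigB := ed25519.Sign(privA, payload), ed25519.Sign(privB, payload)
	delete(ts, "host-a") // host-a is considered compromised: only its key is dropped
	revoked = ts.Verify(Release{"host-a", payload, sigA})
	healthy = ts.Verify(Release{"host-b", payload, sigB})
	spoofed = ts.Verify(Release{"host-b", payload, sigA}) // host-a's signature relabelled as host-b
	return revoked, healthy, spoofed
}

func main() { fmt.Println(Demo()) }
```

With a single shared certificate, the `delete` step would invalidate every host's builds at once, which is the trade-off the note points at.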

ASIKWUSpulse

2020-10-08 09:43

reporter   ~0004467

Ah I see

Saga Musix

2020-10-08 09:49

administrator   ~0004468

Basically, the only way I personally can see the official installer that is downloadable from the front page (and which is currently only built by me, not by the buildbots) could get an official code-signing certificate is: Someone decides to sponsor a code-signing certificate for OpenMPT and commits to paying for it every year no matter if the certificate becomes more expensive or not. I don't want to rely on our regular donation pool for this because it's not predictable, and the cheapest available option for open-source code signing certificates (a company called Certum) have increased their prices multiple times in the past so one day those costs might be more than what we get in donations, in particular if maybe one day Certum decides to no longer offer their cheap(er) certificates for open-source software and we'd have to resort to a regular certificate (which is multiple hundreds of Euros typically). But I won't use my personal funds for buying a code-signing certificate, that's for sure.

ASIKWUSpulse

2020-10-08 10:59

reporter   ~0004469

The world of open source seems to need a crowd-funded certificate organisation, like Creative Commons is a crowd-funded license organisation.

Saga Musix

2021-11-18 18:13

administrator   ~0004902

I'm currently in the process of obtaining a code signing certificate, as an OpenMPT user will generously sponsor it.

Saga Musix

2021-11-22 20:08

administrator   ~0004918

Certificate works, signing support added in r16010.

Issue History

Date Modified Username Field Change
2020-10-08 09:32 ASIKWUSpulse New Issue
2020-10-08 09:34 ASIKWUSpulse Description Updated
2020-10-08 09:35 manx Note Added: 0004464
2020-10-08 09:35 manx Relationship added related to 0001011
2020-10-08 09:35 manx Target Version => OpenMPT 2.0 (very long term goals)
2020-10-08 09:37 Saga Musix Note Added: 0004465
2020-10-08 09:40 manx Note Added: 0004466
2020-10-08 09:43 ASIKWUSpulse Note Added: 0004467
2020-10-08 09:49 Saga Musix Note Added: 0004468
2020-10-08 10:59 ASIKWUSpulse Note Added: 0004469
2021-11-18 18:13 Saga Musix Assigned To => Saga Musix
2021-11-18 18:13 Saga Musix Status new => assigned
2021-11-18 18:13 Saga Musix Note Added: 0004902
2021-11-22 20:06 Saga Musix Target Version OpenMPT 2.0 (very long term goals) => OpenMPT 1.30.01.00 / libopenmpt 0.6.0 (upgrade first)
2021-11-22 20:08 Saga Musix Note Added: 0004918
2021-11-22 20:08 Saga Musix Status assigned => resolved
2021-11-22 20:08 Saga Musix Resolution open => fixed
2021-11-22 20:08 Saga Musix Fixed in Version => OpenMPT 1.30.01.00 / libopenmpt 0.6.0 (upgrade first)
2021-12-04 19:40 Saga Musix Fixed in Version OpenMPT 1.30.01.00 / libopenmpt 0.6.0 (upgrade first) => OpenMPT 1.29.15.00 / libopenmpt 0.5.14 (upgrade first)
2021-12-04 19:40 Saga Musix Target Version OpenMPT 1.30.01.00 / libopenmpt 0.6.0 (upgrade first) => OpenMPT 1.29.15.00 / libopenmpt 0.5.14 (upgrade first)