[Bitcoin-development] Signing release binaries

Mike Hearn mike at plan99.net
Sun Jul 29 10:17:51 UTC 2012


MacOS X 10.8 makes application signing borderline mandatory, in that
you cannot run unsigned apps unless you tweak your settings via the
control panel. You must sign with a certificate issued by Apple via
their "identified developer" program.

Windows allows but does not require signing. However, anti-virus
systems tend to use signers with good reputation as a whitelisting
signal. Signing Bitcoin releases makes sense because it may lead to,
at minimum, higher performance if AV engines ignore file reads/writes
by Bitcoin. And it can also shield us from false positives. You only
need to see the mess that the mining tools world has become to
understand why this is important.

As I don't take part in the release process, I can't help out with
this directly, but I believe it's important and would be willing to
throw some money in towards buying the signing certs for both
platforms. I guess Gavin would be the final signer.




More information about the bitcoin-dev mailing list