[gimp-web] Small fixes for the news post on installers and certificates
- From: Michael Schumacher <schumaml src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gimp-web] Small fixes for the news post on installers and certificates
- Date: Fri, 18 Mar 2016 19:40:24 +0000 (UTC)
commit 25289e46b2da650635e5a9aeedbc56d7beeaa103
Author: Alexandre Prokoudine <alexandre prokoudine gmail com>
Date: Fri Mar 18 18:38:45 2016 +0300
Small fixes for the news post on installers and certificates
...016-03-17 Corrupt Windows Installer Warnings.md | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
---
diff --git a/content/news/2016-03-17 Corrupt Windows Installer Warnings.md b/content/news/2016-03-17 Corrupt
Windows Installer Warnings.md
index db46440..b9b25b5 100644
--- a/content/news/2016-03-17 Corrupt Windows Installer Warnings.md
+++ b/content/news/2016-03-17 Corrupt Windows Installer Warnings.md
@@ -5,12 +5,12 @@ Authors: Michael Schumacher
Slug: corrupt-windows-installer-warnings
Summary: The Windows installer packages for GIMP 2.8.16 are reported as corrupt when downloaded with the
Microsoft Edge or Internet Explorer 11 browsers. This is due to a policy by Microsoft.
-We are receiving reports that some users can't download our [installer packages](//www.gimp.org/downloads/)
for the Microsoft Windows platforms. Microsoft Edge and Internet Explorer 11 [mark them as
corrupt](//social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx#Signature_Verification_Failure_Experience)
and discourage users from running them.
+For the past few weeks, we have been receiving reports that some users can't download our [installer
packages](//www.gimp.org/downloads/) for the Microsoft Windows platforms. Microsoft Edge and Internet
Explorer 11 [mark them as
corrupt](//social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx#Signature_Verification_Failure_Experience)
and discourage users from running them.
-Turns out this is a policy change by Mircosoft, gone into effect on 2016-01-01, and affecting all kinds of
security certificates as of specific deadlines - this includes code signing certificates. Jernej Simončič,
who creates the Windows installer packages, signs them to make their authenticity verifiable, but the way
this signature is done is no longer considered safe by Microsoft (there are justified technical reasons,
actually).
+Turns out this is a policy change by Mircosoft, gone into effect on January 1, 2016. The new policy affects
all kinds of security certificates as of specific deadlines, and this includes code signing certificates.
Jernej Simončič, who creates the Windows installer packages, signs them to make their authenticity
verifiable. But the way this signature is done is no longer considered safe by Microsoft, and there are
justified technical reasons for that.
Administrators and users of Microsoft Windows systems are well advised to make themselves familiar with the
implications of this policy; the TechNet article on the subject is available at [Windows Enforcement of
Authenticode Code Signing and
Timestamping](//social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx).
-We are working to resolve the issue - this requires a more recent code-signing certificate, and signing the
installer packages with it. Stay tuned for updates.
+We are working to resolve the issue — this requires a more recent code-signing certificate and signing the
installer packages with it. Stay tuned for updates.
-As a workaround, you can use other web browsers to download the installer packages.
+As a temporary workaround, you can use other web browsers to download the installer packages.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]