Comment by saltamimi
3 hours ago
I'm confused why they can't just generate their own signing key and deploy it alongside the installer.
Using arbiter platforms like this sounds like a great way to footgun yourself.
3 hours ago
Because a bad guy can also generate their own signing key and deploy it alongside the installer.
See Notepad++ for how that winds up.
Then you can publish the public Code Signing certificate for download/import or publish it through WinGet.
Using Azure Trusted Signing or any other certificate vendor does not guarantee that a binary is 100% trustworthy; it just means someone put their name on it.
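The point made in the replies above (a valid signature only tells you that some identity signed the file, not that it is the identity you expected) can be turned into a concrete check. The following is an added example, not code from any commenter: it reads the Authenticode signature of an installer with the built-in `Get-AuthenticodeSignature` cmdlet, reports whether the chain ends at a root the machine trusts, flags a self-signed signer, and compares the signer's thumbprint against one obtained out of band. The function name `Test-InstallerSignature`, the path placeholder and the thumbprint placeholder are assumptions for the example.

```powershell
# Added example: verify WHO signed an installer, not just THAT it is signed.
# Test-InstallerSignature, the sample path and the thumbprint value are
# placeholders chosen for this example.
function Test-InstallerSignature {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Thumbprint of the signing certificate you obtained out of band
        # (vendor website, documentation, a previous known-good download).
        [Parameter(Mandatory)] [string] $ExpectedThumbprint
    )

    $sig  = Get-AuthenticodeSignature -FilePath $Path
    $cert = $sig.SignerCertificate

    # Status 'Valid' means the hash matches and the chain terminates at a
    # root this machine trusts. An untrusted (e.g. home-made) root shows up
    # as 'UnknownError' with a StatusMessage explaining the untrusted root;
    # 'NotSigned' and 'HashMismatch' are self-explanatory.
    $chainTrusted = ($sig.Status -eq 'Valid')

    # A self-signed signer has Subject == Issuer. Anyone can make one, which
    # is exactly why "ship your own key with the installer" proves nothing.
    $selfSigned = ($null -ne $cert -and $cert.Subject -eq $cert.Issuer)

    # The identity check: the thumbprint must match what you expected,
    # regardless of whether Windows considers the chain trusted.
    $identityMatches = ($null -ne $cert -and
        $cert.Thumbprint -ieq $ExpectedThumbprint)

    [pscustomobject]@{
        File            = $Path
        Status          = $sig.Status
        StatusMessage   = $sig.StatusMessage
        Subject         = $cert.Subject
        Issuer          = $cert.Issuer
        Thumbprint      = $cert.Thumbprint
        ChainTrusted    = $chainTrusted
        SelfSigned      = $selfSigned
        IdentityMatches = $identityMatches
        # Only install when BOTH hold: trusted chain AND the signer you expected.
        SafeToInstall   = ($chainTrusted -and $identityMatches)
    }
}

# Usage (placeholder values):
Test-InstallerSignature -Path 'C:\Downloads\example-setup.exe' `
                        -ExpectedThumbprint 'PLACEHOLDER_THUMBPRINT_FROM_VENDOR'
```

The split into `ChainTrusted` and `IdentityMatches` is the whole lesson of the thread: a certificate from Azure Trusted Signing or any CA satisfies the first, but only a thumbprint (or subject) you verified through a second channel satisfies the second, and a self-signed key deployed next to the installer satisfies neither.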