Hacker News new | ask | show | jobs
by jdonald 2475 days ago
> Why didn't the author sign it?

Discussed here: https://github.com/rust-lang/rustup.rs/issues/1568

It boils down to that the authors have not gotten around to it and are not experts on Authenticode. Apparently the macOS binary is also not signed, so at least Windows isn't being singled out.

To validate your binary you can use the SHA256 checksum that someone posted in the issue two days ago.
1 comments
fortran77 2475 days ago
Thanks.

Are there people on the team that don't like or care about those running anything other than Linux (whose users will download and run anything!)? Or is this simply laziness?

link
jdonald 2475 days ago
I would assume positive intent. There are some answers to give perspective if you read further down in the ticket, like this one:

-----------------

kinnison commented on Jun 6

We do care we care greatly. Sadly while we have someone volunteering to help us with sorting out code-signing, it is a complex logistical problem because there's not (yet) a mechanism in place for the project to hold a legal entity to be identified by the certificates.

link