diff options
| author | saturneric <[email protected]> | 2025-06-24 13:21:31 +0000 |
|---|---|---|
| committer | saturneric <[email protected]> | 2025-06-24 13:21:31 +0000 |
| commit | 9eacbe6809735bcd16bd7c8c78c5e7c8d015e4f1 (patch) | |
| tree | 85a071868013a7e7f70e03ef936bdc61af177455 | |
| parent | docs: update image urls in gnupg and key database docs (diff) | |
| download | Manual-9eacbe6809735bcd16bd7c8c78c5e7c8d015e4f1.tar.gz Manual-9eacbe6809735bcd16bd7c8c78c5e7c8d015e4f1.zip | |
docs(code-binary-verify): add verification images and certum link
- add images showing verification process for each platform
- include link to certum website for code signing certificate
- maintain existing verification instructions while adding visual aids
| -rw-r--r-- | src/content/docs/appendix/code-binary-verify.md | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/src/content/docs/appendix/code-binary-verify.md b/src/content/docs/appendix/code-binary-verify.md index 4ff95ae..9a739c0 100644 --- a/src/content/docs/appendix/code-binary-verify.md +++ b/src/content/docs/appendix/code-binary-verify.md @@ -33,9 +33,9 @@ verification mechanisms, as outlined below: ### Windows All executable files (.exe, .dll) and installer packages are signed using a -Certum code signing certificate. The signature is trusted by Windows and can be -verified through standard Windows mechanisms (e.g., file properties or -signtool). +[Certum](https://www.certum.eu/en/certum-by-asseco/) code signing certificate. +The signature is trusted by Windows and can be verified through standard Windows +mechanisms (e.g., file properties or signtool). ### macOS @@ -44,6 +44,8 @@ certificate (codesign). Each official release also passes Apple Notarization, ensuring the package’s integrity and compliance with Apple’s security standards. Gatekeeper will automatically verify these protections on first launch. + + ### Linux AppImage packages are provided with a GPG signature file (with a .sig suffix) in @@ -52,6 +54,8 @@ integrity of the package using the provided GPG public key before installation or execution. For Flatpak and other formats, the platform’s own signature and sandboxing mechanisms offer additional security. + + ## Build Info Verification Our software includes an "About" interface accessible from the help menu, @@ -59,6 +63,8 @@ providing users with information about the software version, platform, and the specific GitHub repository branch and commit hash used for compiling the binary. This feature adds an extra layer of transparency and verification for users. + + ## Public Key for Verification Below is the public key used for signing the commits and binary files, which can |