md5sums or gpg signatures for offic. rel. packages?

Advertisement

BigBear
Joined:
Posts:
2

md5sums or gpg signatures for offic. rel. packages?

I am possibly mising the tree for the forrest, but I can't find either a md5sum or much preferred a gpg signed signature of the official released packages of the winscp installer, source etc.

I have downloaded the current installer and it unpacks with a winscp.com and a winscp.exe in the applications main directory.

Why would it need both a .com and a .exe? Looks strange/(supicious?) to me. Is there a good reason why a package that deals with safe and encrypted transfer of data doesn't come with a signed signature file against which users can verify that they downloaded the "real" package?

my winscp 3.76 files extracted from "winscp376setup.exe" have the following md5sums

09bbb56a7d143b093d0fbe01ffea2496 *winscp376setup.exe

6e2a5adc37adddff44119eb749760e1f *WinSCP3.exe
b4b6ab8aa1efe97107e8a72bb7edfd35 *WinSCP3.com
eb70788abb75b58570e23e5a658fd686 *DragExt.dll

Thanks for a great tool.
_________________
--
BigBear

Reply with quote

Advertisement

BigBear
Joined:
Posts:
2

md5sums or gpg signatures for offic. rel. packages?

I am possibly mising the tree for the forrest, but I can't find either a md5sum or much preferred a gpg signed signature of the official released packages of the winscp installer, source etc.
I guess my fear was right, I have missed the tree entirely ;-). So there is a md5sum, good start.
But the second part still stands. Why is there no signed signature of the package?

_________________
--
BigBear

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
28,073
Location:
Prague, Czechia

Re: md5sums or gpg signatures for offic. rel. packages?

I'll consider it.
_________________
Martin Prikryl

Reply with quote

Advertisement

You can post new topics in this forum