Daniel Atallah datallah at pidgin.im
Thu Jun 18 09:30:47 EDT 2015


On Wed, Jun 17, 2015 at 3:08 PM, Richard Laager <rlaager at wiktel.com> wrote:
>
> On 06/17/2015 01:01 PM, Albert wrote:
>>
>> One of the counter-signatures is not valid.  The file may have been
altered
>
>
> Thanks for bringing this to our attention.
>
> This seems to be caused by the fact that the "COMODO Time Stamping
Server" certificate expired on May 10th.
>
> I'm not familiar with or setup for Windows code signing, so I can't solve
the problem personally. I've copied Daniel Atallah, who signs the Windows
releases, to make sure he's aware of this issue.


Hmm... I'm not sure what to do about this retroactively.

The whole point of the timestamp signing is to keep the signature valid
past the signer's expiration date, but this has effectively had the
opposite effect.

What I can do is to make sure that I look at the expiration date in the
future.

-D
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pidgin.im/cgi-bin/mailman/private/security/attachments/20150618/c47aa455/attachment.html>


More information about the security mailing list