Changes between Version 11 and Version 12 of Are the packages signed

Timestamp:

Oct 31, 2018, 9:27:23 PM (5 years ago)

Author:

Eion Robb

Comment:

--

Are the packages signed

@@ -34 +34 @@
 === Windows Installers ===
 As of Pidgin 2.10.7, the various Windows binaries are signed in two ways.
- * the installers and `pidgin.exe` are signed using the [http://msdn.microsoft.com/en-us/library/ms537361(v=vs.85).aspx Microsoft Authenticode] signing mechanism by Daniel Atallah using a certificate with a thumbprint of one of the following:
-  * Pidgin 2.11.0+: `d3ad05e6a0dd4b777829b84cf8e371181acd04a7`
+ * the installers and `pidgin.exe` are signed using the [http://msdn.microsoft.com/en-us/library/ms537361(v=vs.85).aspx Microsoft Authenticode] signing mechanism by Daniel Atallah or Eion Robb using a certificate with a thumbprint of one of the following:
+  * Pidgin 2.13.0+: `a8f1e30ca0a49e2d393a55c79715854490425503`
+  * Pidgin 2.11.0 - 2.12.0: `d3ad05e6a0dd4b777829b84cf8e371181acd04a7`
   * Pidgin 2.10.10 - 2.10.12: `45b37f151a113d5070036421370813b9fba5cb13`
   * Pidgin 2.10.7 - 2.10.9: `C5476901C3C63FABF54CEBA9E3F887932A9579B5`
-  * Note that since 2.10.10, these signatures use the SHA-256 algorithm, which Windows XP doesn't support (you can still use GPG to validate the package)
- * all distributed packages (installers, debug symbols, binary zip file, gtk bundle zip file) are signed with [http://www.gnupg.org/ GPG] by Daniel Atallah (`DE890574`).
+  * Note that since 2.10.10, these signatures may use the SHA-256 algorithm, which Windows XP doesn't support (you can still use GPG to validate the package)
+ * all distributed packages (installers, debug symbols, binary zip file, gtk bundle zip file) are signed with [http://www.gnupg.org/ GPG] by Daniel Atallah (`DE890574`) or Eion Robb (`BC6F79B6`).
 
 The authenticode signature can be verified most easily by using Windows Explorer to look at the Properties of the installer executable.