blob: 422ec49a1ec04e64202a36702038421556e90a47 (
plain)
1
2
3
4
5
6
7
|
# Code Signing on Build Servers
We sign things so that we can authenticate them later, but authentication is
largely a conscious function. Computers are bad at answering "is this real".
Major signing systems (GPG, jarsigner) require presentation of credentials at
signing time. CI servers don't generally have safe tools for this.
|
