Which was the year the linux distributions, windows have first used to sign their updates? Historical question that is hard to "google".
Asked
Active
Viewed 119 times
1 Answers
1
In recent releases, Debian has been using strong crypto to validate downloaded packages. This is commonly called "secure apt" (or "apt-secure") and was implemented in Apt version 0.6 in 2003, which Debian migrated to in 2005.
Although work for the underlying dpkg-verify had started since 2000.
From rpm change log, rpm seems to support PGP, presumably for code signing, since at least version 2.0, which was released around 1996.
Windows is a bit difficult to research. There are evidence that Windows 98 had support for signed hotfixes:
Installing Windows 98 and Windows 98 Second Edition Hotfixes
... To install a Windows 98 and Windows 98 Second Edition hotfix on a single computer, run the self-extracting installer. This installer performs the following actions:
- Unpacks the files that are needed for installation into a temporary folder. Typically, these files include:
- ...
- A digital signature file (.cat) used to digitally sign the hotfix binary files (in most situations).
- ...
However, I'm not quite sure what Microsoft means by "in most situation", perhaps it doesn't always require hotfix packages to be signed?
Lie Ryan
- 31,459
- 6
- 70
- 94