Digitally sign .ttf releases

Reported by Paul Sladen on 2010-10-06
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Ubuntu Font Family

Bug Description

Signed .ttf files are based on the hash of the whole font minus 'DSIG' table and with a zeroed checksum. The 'DSIG' table is then added and a PKCS#7 signature stored in this table:

The implementation would probably need to be validated against current tools:

Paul Sladen (sladen) on 2010-10-06
Changed in ubuntu-font-family:
importance: Undecided → Wishlist
milestone: none → 1.00
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers