Should we pursue a code signing certificate?

Now that Gramps Genealogy Foundation has incorporated, is it time to pursue a code signing certificate or software publisher certificate?

It should be possible to eliminate those “Unknown Publisher” warnings in Windows (UAC) or macOS when users install software.

If not managed properly, code signing could put our foundation at great risk. Incidents like the SolarWinds attack are good examples of the consequences of poorly implemented code signing practices.

What is that? Can you explain, provide a link, etc.?

To allow signing the development agreement (get an API key … such as for FamilySearch), and move the donations account out of an individual person’s name, last month our Chair and Treasurer Brian Matherly went through the work of incorporating a US domestic nonprofit tax-exempt corporation for charitable, educational and scientific purposes.

The big impetus was so we could legally acquire and use API Keys to integrate core support with external services. FamilySearch was the first opportunity. But, if it works out, we now have the option to let our community pursue other opportunities.

Or were you asking about the code signing certificate?

@gramps-project
This question was a reminder that the various website (Discourse, MediaWiki, WordPress, MantisBT, GitHub, SourceForge, mailing list, Weblate, Sphinx) footers and “About Us” type webpages need to be updated to increase transparency.

@Nick-Hall
Could you revise the Gramps info box for the upcoming 6.0.8 release and create an Announcement?