I confirmed that the sha1 signature signed after Jan. 1 2016 still works if KB3033929 is not installed. A sample binary is available here: http://crystalmark.info/redirect.php?product=CrystalDiskMarkInstaller-ja This binary has three signatures in the following order: 1. sha1 digest + sha1 certificate + sha1 timestamp 2. sha2 digest + sha2 certificate + sha1 timestamp 3. sha1 digest + sha2 certificate + sha1 timestamp I tested this with the following environments: * Windows XP SP2 * Windows XP SP3 * Windows Vista * Windows 7 RTM * Windows 7 SP1 with the latest patches * Windows 7 SP1 with the latest patches minus KB3033929 We've employed sha2 single signature due to fear of the breakage on some Win7 machines. I believe we have no reason to avoid dual signatures anymore.
Component: Releases → General Automation
QA Contact: rail → catlee
2 years ago
Duplicate of this bug: 1362836
I don't think this is useful now that we've deprecated support for XP pre-SP2 and Vista?
Component: General Automation → General
Product: Release Engineering → Release Engineering
(In reply to email@example.com (back in 2019Q1) from comment #2) > I don't think this is useful now that we've deprecated support for XP > pre-SP2 and Vista? Let's go with this.
Status: NEW → RESOLVED
Last Resolved: 6 months ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.