The 3.5.2 pkg was signed properly:
$ pkgutil --check-signature ~/Downloads/R-3.5.2.pkg
Package "R-3.5.2.pkg":
Status: signed by a certificate trusted by Mac OS X
Certificate Chain:
1. Developer ID Installer: Simon Urbanek (VZLD955F6P)
SHA1 fingerprint: 7B 6B 81 12 E6 26 8C 16 F8 D4 0F 94 E4 3E 62 69 2E 92 22 81
-----------------------------------------------------------------------------
2. Developer ID Certification Authority
SHA1 fingerprint: 3B 16 6C 3B 7D C4 B7 51 C9 FE 2A FA B9 13 56 41 E3 88 E1 86
-----------------------------------------------------------------------------
3. Apple Root CA
SHA1 fingerprint: 61 1E 5B 66 2C 59 3A 08 FF 58 D1 4A E2 24 52 D1 98 DF 6C 60
But the 3.5.3 pkg has no signature:
$ pkgutil --check-signature ~/Downloads/R-3.5.3.pkg
Package "R-3.5.3.pkg":
Status: no signature
Is it possible to get 3.5.3 signed and replace the file on the download page?
Chris Helming
R 3.5.3 pkg not signed
2 messages · Christopher Helming, Peter Dalgaard
4 days later
Your note seems to have stalled somewhere. It arrived here today (the 19th).
Anyways, this was a temporary situation, the signed package should have reached all of CRAN by now:
pd$ pkgutil --check-signature ~/.Trash/R-3.5.3-2.pkg
Package "R-3.5.3-2.pkg":
Status: signed by a certificate trusted by Mac OS X
Certificate Chain:
1. Developer ID Installer: Simon Urbanek (VZLD955F6P)
SHA1 fingerprint: 7B 6B 81 12 E6 26 8C 16 F8 D4 0F 94 E4 3E 62 69 2E 92 22 81
-----------------------------------------------------------------------------
2. Developer ID Certification Authority
SHA1 fingerprint: 3B 16 6C 3B 7D C4 B7 51 C9 FE 2A FA B9 13 56 41 E3 88 E1 86
-----------------------------------------------------------------------------
3. Apple Root CA
SHA1 fingerprint: 61 1E 5B 66 2C 59 3A 08 FF 58 D1 4A E2 24 52 D1 98 DF 6C 60
-pd
On 14 Mar 2019, at 13:12 , Christopher Helming <cwhits at rit.edu> wrote:
The 3.5.2 pkg was signed properly:
$ pkgutil --check-signature ~/Downloads/R-3.5.2.pkg
Package "R-3.5.2.pkg":
Status: signed by a certificate trusted by Mac OS X
Certificate Chain:
1. Developer ID Installer: Simon Urbanek (VZLD955F6P)
SHA1 fingerprint: 7B 6B 81 12 E6 26 8C 16 F8 D4 0F 94 E4 3E 62 69 2E 92 22 81
-----------------------------------------------------------------------------
2. Developer ID Certification Authority
SHA1 fingerprint: 3B 16 6C 3B 7D C4 B7 51 C9 FE 2A FA B9 13 56 41 E3 88 E1 86
-----------------------------------------------------------------------------
3. Apple Root CA
SHA1 fingerprint: 61 1E 5B 66 2C 59 3A 08 FF 58 D1 4A E2 24 52 D1 98 DF 6C 60
But the 3.5.3 pkg has no signature:
$ pkgutil --check-signature ~/Downloads/R-3.5.3.pkg
Package "R-3.5.3.pkg":
Status: no signature
Is it possible to get 3.5.3 signed and replace the file on the download page?
Chris Helming
[[alternative HTML version deleted]]
_______________________________________________ R-SIG-Mac mailing list R-SIG-Mac at r-project.org https://stat.ethz.ch/mailman/listinfo/r-sig-mac
Peter Dalgaard, Professor, Center for Statistics, Copenhagen Business School Solbjerg Plads 3, 2000 Frederiksberg, Denmark Phone: (+45)38153501 Office: A 4.23 Email: pd.mes at cbs.dk Priv: PDalgd at gmail.com