Package signing

All software packages in WordFrame Integra have the ability to be signed. This guarantees the pack integrity and details. The signing process is  used by the system to update and to recognize the package that is modified. For obvious reasons all pack developed and maintained by WordFrame Integra team will be signed. We advise you to install unsigned packs with caution.

In general the signing process includes using the Wordframe Integra packaging tool to archive the repository folder in repository.zip and generating the wfpackage.signiture - a XML file with the vendors public key, and encrypted with its private key, information about package's details and size. This is used when the system validates the package's integrity and vendor. If this file is missing, it will be considered as not signed by the system.