Posts Tagged ‘Code Signing certificate’

Code Installation Trust Decision

Thursday, June 21st, 2012 | Bruce Morton

The code has been signed, the user has started installation, and verification has taken place. How does the user know whether or not to accept the code?

Here is a typical code verification security warning:

The user must make their trust decision based on the above. The statement provides the following:

  1. File Name: In this case it is AdbeRdr1010_en_US.exe
  2. Publisher Name: Adobe Systems, Incorporated
  3. Code-Signing Certificate: The user would need to click on the publisher name

(more…)

Tags: ,
Posted in Code Signing | Add Comment | No Comments »

Code Signing

Friday, June 17th, 2011 | Bruce Morton

Although this is the Entrust Insight SSL Blog, Entrust Certificate Services issues other types of certificates such as Code Signing, Adobe CDS and Client S/MIME. The purpose of this post is to kick off a series on Code Signing. When the series is completed, this post can be used as an index to all other related posts.

Here is what we plan to cover:

  1. Why Code Sign?
  2. What is Code Signing?
  3. Verifying Code Authenticity
  4. How to Digitally Code Sign
  5. Code Installation Trust Decision
  6. What is Time-Stamping?
  7. Self-Signed Versus Trusted CA Certificates
  8. Code Signing: Best Practices
  9. Application Reputation

The above list may change as the articles are written. Reader feedback would be greatly appreciated to help refine the topics.

Entrust offers Code Signing certificates to sign and certify the following:

  • Authenticode (most Microsoft® Windows® platforms)
  • Java
  • Microsoft® Office® macros and Visual Basic script

Tags: , , , , , ,
Posted in Code Signing, Technical | Add Comment | No Comments »