flat assembler
Message board for the users of flat assembler.
Index
> Windows > digital signature |
Author |
|
revolution 10 Nov 2010, 15:05
You gotta pay MS to get a valid signature. Self signing is not allowed else everyone would do it.
Anyhow, google is your friend here. |
|||
10 Nov 2010, 15:05 |
|
b1528932 10 Nov 2010, 16:07
For what im paying microsoft?
From my understanding, windows has many public keys (like a million or so), and im buying a private key. When i buy private key, 1 of public keys avaiable in windows will work and my app is veryfied. is that right? i cant find any good info about this. |
|||
10 Nov 2010, 16:07 |
|
revolution 10 Nov 2010, 16:17
Well either way MS holds all the keys so you have to contact them to move forward. If you are serious about signing then talk to MS.
If you think MS charges too much for a key then take it up with MS. We can't help you. |
|||
10 Nov 2010, 16:17 |
|
baldr 10 Nov 2010, 21:22
revolution,
For PE to be considered authentic, it should be signed using trusted key pair. One can generate such pair and use certificate manager to import self-signed certificate into Windows database (so it's source becomes trusted). Then any properly signed entity will be considered authentic by Windows CryptoAPI (I'm simplifying here, for sake of brevity: simple Google search will direct you at least to MakeCert MSDN page. Yes, I've made that several times. No, I didn't pay MS a buck for that. |
|||
10 Nov 2010, 21:22 |
|
revolution 10 Nov 2010, 22:29
I was just assuming that b1528932 wanted to sign for the sake of other people to use it. There seems little point in self-signing and also importing your own keys. And there seems little point in sending both the signed file and the keys to users since that provides absolutely no authentication.
Do you trust your own software? Well of course you do. Why even bother to sign it if only you use it? |
|||
10 Nov 2010, 22:29 |
|
f0dder 11 Nov 2010, 08:23
baldr: that doesn't really work for anything but testing on your own system, though, since other people won't see the file as signed. And it won't work for x64 drivers unless you run your system in testsigning mode.
|
|||
11 Nov 2010, 08:23 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.