Re: microsoft authenticode digital id

From: Don Dumitru [MSFT] (dondu@online.microsoft.com)
Date: 12/28/02

• Next message: Bongo: "Re: microsoft authenticode digital id"
• Previous message: Craig Williams: "Re: microsoft authenticode digital id"
• In reply to: LL: "microsoft authenticode digital id"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Don Dumitru [MSFT]" <dondu@online.microsoft.com>
Date: Fri, 27 Dec 2002 16:13:27 -0800

It is possible to self-sign. You can use a certificate server (Windows 2000
Server comes with one) to generate your own root cert, and then sign with
that cert. You become your own Certifying Authority (CA).

The major problem is, how do you get clients to trust your root cert? If
you are in an enterprise, you can distribute the settings for that root cert
within your corp (using any technique from letting people run a setup app
from a file share, through using Group Policies to push it out). If you are
in a vertical market where you have a strong relationship with your
customers, you can use that relationship to help your customers install the
root cert.

The major problem is if you are doing Internet-connected apps, with a loose
relationship with your customers - especially if they are anonymous, and
just come visit your site from time to time. In that case, the Verisign
option tends to be the most user-friendly to your customers, since your
customers almost certainly already have Verisign's root cert installed on
their machines, as part of their web browser install.

--Don

--
This posting is provided "AS IS" with no warranties, and confers no rights.
"LL" <nowhere@yahoo.com> wrote in message
news:Om14z0erCHA.428@TK2MSFTNGP09...
> I'd like to digitally sign my control with Microsoft Authenticode Digital
> ID. Verisign charges $400 for this. Does anybody know other vendor selling
> this digital ID? Thanks.
>
> :L
>
>
>

• Next message: Bongo: "Re: microsoft authenticode digital id"
• Previous message: Craig Williams: "Re: microsoft authenticode digital id"
• In reply to: LL: "microsoft authenticode digital id"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Internet_55 - How to install root certification on PPC 2003 ... You should be able to copy the root cert. ... File Explorer to install it. ... > Having done so the PDA does not recognize the file type. ... (microsoft.public.pocketpc.activesync) Re: Exchange Server 2003 and Active Sync ... I've installed the Root cert and Intermediate ... If you have installed a selfsigned certificate on the exchange server ... must install the root certificate on the device. ... (microsoft.public.exchange.setup) CA Root Certs help with IE6 ... 'this CA root cert is not trusted. ... When I install it is fine. ... automatically get installed without prompting? ... we get prompted when attaching to other servers ... (microsoft.public.security) Re: TLS ... The firewall is not acting as a relay - but that's a good thought... ... I'll install the Root cert which should ... (microsoft.public.exchange.admin)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint