Verisign!
-
Drat! Verisign has increased the price to renew my code signing certificate from $400 to $500!!:mad: Do other developers here like to, or need to sign their code?
-------------------------------- "All that is necessary for the forces of evil to win in the world is for enough good men to do nothing" -- Edmund Burke
We're signing all new code. It's rapidly becoming a requirement, IMHO. We're using Comodo[^], and it's considerably cheaper than Verisign - we bought a 2 year code signing cert last month for $210.33!
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
-
We're signing all new code. It's rapidly becoming a requirement, IMHO. We're using Comodo[^], and it's considerably cheaper than Verisign - we bought a 2 year code signing cert last month for $210.33!
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
Anna-Jayne Metcalfe wrote:
we bought a 2 year code signing cert last month for $210.33!
That's great, thanks for the tip! But I think that .NET Click Once deployment may only work with Verisign. I'll check into that again just to be sure!
-------------------------------- "All that is necessary for the forces of evil to win in the world is for enough good men to do nothing" -- Edmund Burke
-
Anna-Jayne Metcalfe wrote:
we bought a 2 year code signing cert last month for $210.33!
That's great, thanks for the tip! But I think that .NET Click Once deployment may only work with Verisign. I'll check into that again just to be sure!
-------------------------------- "All that is necessary for the forces of evil to win in the world is for enough good men to do nothing" -- Edmund Burke
I have been using ClickOnce with a Comodo certificate to sign the manifests and everything works fine. I have yet to buy the code-signing certificicate, but I don't think there will be any problem. In any case, get back to us with your results :)
Luis Alonso Ramos Intelectix Chihuahua, Mexico
Not much here: My CP Blog!
-
Anna-Jayne Metcalfe wrote:
we bought a 2 year code signing cert last month for $210.33!
That's great, thanks for the tip! But I think that .NET Click Once deployment may only work with Verisign. I'll check into that again just to be sure!
-------------------------------- "All that is necessary for the forces of evil to win in the world is for enough good men to do nothing" -- Edmund Burke
I'm not 100% sure of this, but I think what won't work with anything other than a Versign cert is the Windows Certification stuff, which is what is required on 64-bit XP and Vista for the Kernel Patch Prevention (PatchGuard) technology.
----------------------------- In just two days, tomorrow will be yesterday.
-
Drat! Verisign has increased the price to renew my code signing certificate from $400 to $500!!:mad: Do other developers here like to, or need to sign their code?
-------------------------------- "All that is necessary for the forces of evil to win in the world is for enough good men to do nothing" -- Edmund Burke
-
Drat! Verisign has increased the price to renew my code signing certificate from $400 to $500!!:mad: Do other developers here like to, or need to sign their code?
-------------------------------- "All that is necessary for the forces of evil to win in the world is for enough good men to do nothing" -- Edmund Burke
-
We're signing all new code. It's rapidly becoming a requirement, IMHO. We're using Comodo[^], and it's considerably cheaper than Verisign - we bought a 2 year code signing cert last month for $210.33!
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
-
Drat! Verisign has increased the price to renew my code signing certificate from $400 to $500!!:mad: Do other developers here like to, or need to sign their code?
-------------------------------- "All that is necessary for the forces of evil to win in the world is for enough good men to do nothing" -- Edmund Burke
MS's WER (error reporting) and Vista logo program require a Verisign cert; they won't take any other issuer's equally-valid cert, which is bullpuckey. :^)
--Mike-- Visual C++ MVP :cool: LINKS~! Ericahist | PimpFish | CP SearchBar v3.0 | C++ Forum FAQ
-
I'm not 100% sure of this, but I think what won't work with anything other than a Versign cert is the Windows Certification stuff, which is what is required on 64-bit XP and Vista for the Kernel Patch Prevention (PatchGuard) technology.
----------------------------- In just two days, tomorrow will be yesterday.
Do you mean the logo programme, or the OS? So far, all the machines we've tried it on (XP and Vista) have recognised and validated the certificate. I'm less worried about the logo programme right now as the test house would not be able to use our product without a third party's involvement (difficult to coordinate = expensive) anyway.
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
-
MS's WER (error reporting) and Vista logo program require a Verisign cert; they won't take any other issuer's equally-valid cert, which is bullpuckey. :^)
--Mike-- Visual C++ MVP :cool: LINKS~! Ericahist | PimpFish | CP SearchBar v3.0 | C++ Forum FAQ
If true, that's crap. Do you have a link confirming this, by any chance?
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
-
MS's WER (error reporting) and Vista logo program require a Verisign cert; they won't take any other issuer's equally-valid cert, which is bullpuckey. :^)
--Mike-- Visual C++ MVP :cool: LINKS~! Ericahist | PimpFish | CP SearchBar v3.0 | C++ Forum FAQ
That's an anticompetitive move right there and we should sue them.
Darroll Not one person lives in the present.
-
Drat! Verisign has increased the price to renew my code signing certificate from $400 to $500!!:mad: Do other developers here like to, or need to sign their code?
-------------------------------- "All that is necessary for the forces of evil to win in the world is for enough good men to do nothing" -- Edmund Burke
There are other alternatives that are way more cost efective. This is what my ISP sent me. "If you are unsure of which Authorized SSL provider to use, we recommend Geotrust, as their pricing is less than Verisign." their price is less than half. Hope this helps.
-fr33l0ader
-
If true, that's crap. Do you have a link confirming this, by any chance?
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
I got that info during a phone conversation with the company that's handling developer relations for devs who want to get into the Vista logo program.
--Mike-- Visual C++ MVP :cool: LINKS~! Ericahist | PimpFish | CP SearchBar v3.0 | C++ Forum FAQ
-
Do you mean the logo programme, or the OS? So far, all the machines we've tried it on (XP and Vista) have recognised and validated the certificate. I'm less worried about the logo programme right now as the test house would not be able to use our product without a third party's involvement (difficult to coordinate = expensive) anyway.
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
Yes, I was referring to the logo certification. On 64-bit (and only 64-bit) XP and Vista all drivers must be signed or the OS won't load them. This only applies to device drivers, so regular desktop applications and services don't have this restriction. Scott.
----------------------------- In just two days, tomorrow will be yesterday.
-
I got that info during a phone conversation with the company that's handling developer relations for devs who want to get into the Vista logo program.
--Mike-- Visual C++ MVP :cool: LINKS~! Ericahist | PimpFish | CP SearchBar v3.0 | C++ Forum FAQ
Thanks for letting us know. :rose:
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
-
Drat! Verisign has increased the price to renew my code signing certificate from $400 to $500!!:mad: Do other developers here like to, or need to sign their code?
-------------------------------- "All that is necessary for the forces of evil to win in the world is for enough good men to do nothing" -- Edmund Burke
You think that is annoying - try signing for WM5 apps. The only option you have is through Verisign and not only do you pay for a cert you have to pay for every single exe, dll, and cab file that is signed (think it's about $30 each time). So if for instance you have an app with 4 dlls, and an exe and you want to package it in a cab then you are up for 6 x $30. If you have different builds for different languages or platforms then you just start multiplying. It's not the normal cert process so you can't use comodo etc. Obviously someone at MS holds a few shares in Verisign.
-
You think that is annoying - try signing for WM5 apps. The only option you have is through Verisign and not only do you pay for a cert you have to pay for every single exe, dll, and cab file that is signed (think it's about $30 each time). So if for instance you have an app with 4 dlls, and an exe and you want to package it in a cab then you are up for 6 x $30. If you have different builds for different languages or platforms then you just start multiplying. It's not the normal cert process so you can't use comodo etc. Obviously someone at MS holds a few shares in Verisign.
Oh, not to mention that the cost just described is for a single release. If you start sending bug fixes or new versions then you pretty much go broke - not from the fees to verisign, but from the people you need to employee to run through the lengthy process of sending Versign each individual file needing to be signed and getting them to update it and send it back.
-
You think that is annoying - try signing for WM5 apps. The only option you have is through Verisign and not only do you pay for a cert you have to pay for every single exe, dll, and cab file that is signed (think it's about $30 each time). So if for instance you have an app with 4 dlls, and an exe and you want to package it in a cab then you are up for 6 x $30. If you have different builds for different languages or platforms then you just start multiplying. It's not the normal cert process so you can't use comodo etc. Obviously someone at MS holds a few shares in Verisign.
Not really an incentive to use multiple assemblies. But not quite costly enough to merge the source into a single binary. How nice of them.
What's in a sig? This statement is false. Build a bridge and get over it. ~ Chris Maunder
-
Drat! Verisign has increased the price to renew my code signing certificate from $400 to $500!!:mad: Do other developers here like to, or need to sign their code?
-------------------------------- "All that is necessary for the forces of evil to win in the world is for enough good men to do nothing" -- Edmund Burke
Usually when a company increases costs it leaves more room for competition. This is a bit different while Microsoft play God. From what I read they seem to be breaking Monopoly laws. But then again, maybe they don't want just anybody to sign files. Maybe Verisign do things 100 times better than other companies. dunno :doh:
-
Usually when a company increases costs it leaves more room for competition. This is a bit different while Microsoft play God. From what I read they seem to be breaking Monopoly laws. But then again, maybe they don't want just anybody to sign files. Maybe Verisign do things 100 times better than other companies. dunno :doh:
