Code signing? [modified]
-
Pakl wrote:
I just don't understand why microsoft authenticode certificates are so expensive
I just don't understand why anyone cares. The worst software i've ever had to deal with has been either unsigned and free (adware/spyware/viruses) or unsigned and very expensive (drivers / other control software attached to hardware packages). Both seem to be doing pretty well for themselves though, so obviously signing doesn't mean jack - it's the software equivalent of wearing a pocket protector and hiking boots to impress women...
---- Scripts i’ve known... CPhog 1.8.2 - make CP better. Forum Bookmark 0.2.5 - bookmark forum posts on Pensieve Print forum 0.1.2 - printer-friendly forums Expand all 1.0 - Expand all messages In-place Delete 1.0 - AJAX-style post delete Syntax 0.1 - Syntax highlighting for code blocks in the forums
Shog9 wrote:
it's the software equivalent of wearing a pocket protector and hiking boots to impress women
:-D well, from a users perspective I think it looks very unprofessional if I get a warning (stating that it is untrusted) when I run/install an application...
-
Shog9 wrote:
it's the software equivalent of wearing a pocket protector and hiking boots to impress women
:-D well, from a users perspective I think it looks very unprofessional if I get a warning (stating that it is untrusted) when I run/install an application...
Pakl wrote:
from a users perspective I think it looks very unprofessional if I get a warning (stating that it is untrusted) when I run/install an application...
I'll agree with that, but again - it just doesn't seem to matter. I've never once stopped installing software that i'd paid for because of such warnings, and obviously there are plenty of people who ignore them for software they didn't even realize they were downloading... Either you've already decided you want the program, or you don't realize you have a choice. :rolleyes: IMHO, even if signing was only $100, you'd still be better off paying for some snazzy toolbars or clipart or something that the user will see while they actually use the program. Leave the signing thing for companies that have to. (or are positioned such that it isn't any great expense)
---- Scripts i’ve known... CPhog 1.8.2 - make CP better. Forum Bookmark 0.2.5 - bookmark forum posts on Pensieve Print forum 0.1.2 - printer-friendly forums Expand all 1.0 - Expand all messages In-place Delete 1.0 - AJAX-style post delete Syntax 0.1 - Syntax highlighting for code blocks in the forums
-
Shog9 wrote:
it's the software equivalent of wearing a pocket protector and hiking boots to impress women
:-D well, from a users perspective I think it looks very unprofessional if I get a warning (stating that it is untrusted) when I run/install an application...
Pakl wrote:
well, from a users perspective I think it looks very unprofessional if I get a warning (stating that it is untrusted) when I run/install an application...
Even Microsoft not sign some stuff what puts available to download
Engaged in learning of English grammar ;)
For God so loved the world, that he gave his only begotten Son, that whosoever believeth in him should not perish, but have everlasting life.(John 3:16) :badger: -
I just don't understand why microsoft authenticode certificates are so expensive (450$/year) :wtf: ??? https://securitycenter.verisign.com/celp/enroll/retail[^] Do you sign your code? where did you buy your certificate? EDIT: I have just found one a bit cheaper... 170$/year http://www.instantssl.com/code-signing/code-signing.html[^] -- modified at 20:08 Monday 5th February, 2007
I asked a similar question[^] a while ago, and I've yet to bother with signing the code...
The StartPage Randomizer | The Timelapse Project | A Random Web Page
-
Pakl wrote:
from a users perspective I think it looks very unprofessional if I get a warning (stating that it is untrusted) when I run/install an application...
I'll agree with that, but again - it just doesn't seem to matter. I've never once stopped installing software that i'd paid for because of such warnings, and obviously there are plenty of people who ignore them for software they didn't even realize they were downloading... Either you've already decided you want the program, or you don't realize you have a choice. :rolleyes: IMHO, even if signing was only $100, you'd still be better off paying for some snazzy toolbars or clipart or something that the user will see while they actually use the program. Leave the signing thing for companies that have to. (or are positioned such that it isn't any great expense)
---- Scripts i’ve known... CPhog 1.8.2 - make CP better. Forum Bookmark 0.2.5 - bookmark forum posts on Pensieve Print forum 0.1.2 - printer-friendly forums Expand all 1.0 - Expand all messages In-place Delete 1.0 - AJAX-style post delete Syntax 0.1 - Syntax highlighting for code blocks in the forums
well for a product there isn't really much choice. If you want to put 'Designed for Windows Vista' on your cover you have to sign it. http://download.microsoft.com/download/8/e/4/8e4c929d-679a-4238-8c21-2dcc8ed1f35c/Windows%20Vista%20Software%20Logo%20Spec%201.1.doc[^]
-
well for a product there isn't really much choice. If you want to put 'Designed for Windows Vista' on your cover you have to sign it. http://download.microsoft.com/download/8/e/4/8e4c929d-679a-4238-8c21-2dcc8ed1f35c/Windows%20Vista%20Software%20Logo%20Spec%201.1.doc[^]
Pakl wrote:
If you want to put 'Designed for Windows Vista' on your cover you have to sign it.
Can't argue with that one. :)
---- Scripts i’ve known... CPhog 1.8.2 - make CP better. Forum Bookmark 0.2.5 - bookmark forum posts on Pensieve Print forum 0.1.2 - printer-friendly forums Expand all 1.0 - Expand all messages In-place Delete 1.0 - AJAX-style post delete Syntax 0.1 - Syntax highlighting for code blocks in the forums
-
I just don't understand why microsoft authenticode certificates are so expensive (450$/year) :wtf: ??? https://securitycenter.verisign.com/celp/enroll/retail[^] Do you sign your code? where did you buy your certificate? EDIT: I have just found one a bit cheaper... 170$/year http://www.instantssl.com/code-signing/code-signing.html[^] -- modified at 20:08 Monday 5th February, 2007
Try Comodo[^]. They are similar certificates as Verisign's, and much cheaper. The code-signing certificate is only $89 per year (I think).
Luis Alonso Ramos Intelectix Chihuahua, Mexico
Not much here: My CP Blog!
-
Try Comodo[^]. They are similar certificates as Verisign's, and much cheaper. The code-signing certificate is only $89 per year (I think).
Luis Alonso Ramos Intelectix Chihuahua, Mexico
Not much here: My CP Blog!
just found the same thing (http://www.instantssl.com/code-signing/code-signing.html[^]) Thanks
-
I just don't understand why microsoft authenticode certificates are so expensive (450$/year) :wtf: ??? https://securitycenter.verisign.com/celp/enroll/retail[^] Do you sign your code? where did you buy your certificate? EDIT: I have just found one a bit cheaper... 170$/year http://www.instantssl.com/code-signing/code-signing.html[^] -- modified at 20:08 Monday 5th February, 2007
-
I just don't understand why microsoft authenticode certificates are so expensive (450$/year) :wtf: ??? https://securitycenter.verisign.com/celp/enroll/retail[^] Do you sign your code? where did you buy your certificate? EDIT: I have just found one a bit cheaper... 170$/year http://www.instantssl.com/code-signing/code-signing.html[^] -- modified at 20:08 Monday 5th February, 2007
-
I just don't understand why microsoft authenticode certificates are so expensive (450$/year) :wtf: ??? https://securitycenter.verisign.com/celp/enroll/retail[^] Do you sign your code? where did you buy your certificate? EDIT: I have just found one a bit cheaper... 170$/year http://www.instantssl.com/code-signing/code-signing.html[^] -- modified at 20:08 Monday 5th February, 2007
At our place, I sign Excel VBA macros because it is cheaper to sign than to explain (and re-explain) the warning dialog boxes. Especially when the users sit on mahogany row.
-
Make your own CA Cert, and let your users download it from your web site, or include it in your package. Then they will never get that message again from something you publish.
Can you explain how to do this?
-
Can you explain how to do this?
-
Pakl wrote:
I just don't understand why microsoft authenticode certificates are so expensive
I just don't understand why anyone cares. The worst software i've ever had to deal with has been either unsigned and free (adware/spyware/viruses) or unsigned and very expensive (drivers / other control software attached to hardware packages). Both seem to be doing pretty well for themselves though, so obviously signing doesn't mean jack - it's the software equivalent of wearing a pocket protector and hiking boots to impress women...
---- Scripts i’ve known... CPhog 1.8.2 - make CP better. Forum Bookmark 0.2.5 - bookmark forum posts on Pensieve Print forum 0.1.2 - printer-friendly forums Expand all 1.0 - Expand all messages In-place Delete 1.0 - AJAX-style post delete Syntax 0.1 - Syntax highlighting for code blocks in the forums
It secures the code from modification and alerts user if it is modified!