As I become more and more comfortable with Vista the number of unsigned software that I am using is starting to grate on my nerves. I am not sure if I am more annoyed with the developers or the OS that keeps reminding me (even when I tell it not to remind me).
There is quite comprehensive article on signing of .NET applications, however, what the article does not go into is that getting a valid certificate from a 3rd party is not free. I can create a test certificate, but the application will have a test certificate that is not verifiable. What, pray tell, is the point of that!
The perfect scenario for me is to use a Uri that I own as the point of verification, that way I can have and own a certificate that is publicly accessible! So as long as you believe that my site is mine, by extension you can trust that I own and control the certificate at that Uri!
Please submit all ideas for this scenario here!
Comments are closed.