Tag Archives: time-stamping

Code Signing: Best Practices

July 27, 2012 by Bruce Morton     1 Comment

The biggest issue with code signing is the protection of the private signing key associated with the code signing certificate. If the key gets compromised, then your certificate is worthless. A compromised key may also jeopardizethe software that you have already signed. Here are some best practices for code signing: 1. Minimize access to private [Read More...]

What is Time-Stamping?

June 27, 2012 by Bruce Morton     No Comments

What happens to signed code when the code signing certificate expires? In many cases, an expired certificate means that the signature validation will fail and a trust warning will appear in the browser. Time-stamping was designed to alleviate this problem. The idea is that at the time, at which the code is signed, the certificate [Read More...]