Why Code Sign?

Bruce Morton

Internet users constantly run into situations where they need to download software from websites. In many cases, the user was not planning to download software. However, to experience or use the functionality offered by the website, they need to make a spot decision: “Run” or “Don’t Run.”

 

 

In this case, “run/don’t run” questions whether or not to run the code that was downloaded. How does a user decide? How does a user or browser know whether or not to trust the software? The answer is code signing.

To assist in the trust decision process, the software publisher can digitally sign their code. The digital signature answers the questions of authentication and integrity, that is:

  • Who signed the code?
  • Has the code been tampered with since it was signed?

Armed with this information, the user can now make the “run/don’t run” decision.

Unfortunately, the digital signature does not answer the following questions:

  • Can I trust the software publisher?
  • Does the code contain malware?

Unsigned code, on the other hand, provides no evidence of authenticity or integrity. The publisher is not identified and, therefore, cannot be held accountable. In addition, the code is subject to tampering. Unsigned code cannot be trusted, except under special circumstances.

What is Code Signing will be covered in the next post of this series.

Bruce Morton
Bruce Morton
Director, Certificate Technology & Standards

Bruce Morton has worked in the public key infrastructure and digital certificate industry for more than 15 years and has focused on SSL and other publicly trusted certificates since 2005. He has been an active member of the CA/Browser Forum that released guidelines for extended validation (EV) certificates and Baseline Requirements for SSL certificates. Bruce oversees the governance and compliance of Entrust’s publicly trusted PKI.

0 Comments

Add to the Conversation