The code has been signed, the user has started installation, and verification has taken place. How does the user know whether or not to accept the code?
Here is a typical code verification security warning:
The user must make their trust decision based on the above. The statement provides the following:
- File Name: In this case it is AdbeRdr1010_en_US.exe
- Publisher Name: Adobe Systems, Incorporated
- Code-Signing Certificate: The user would need to click on the publisher name
How to make the installation trust decision:
- Were you planning to install software? If so, proceed.
- Check the file name and see if it indicates the software you were planning to install. In this case it is Adobe Reader 10, which the name seems to indicate.
- Check the publisher name and see if this matches who you think wrote the software. This may be hard as the software download site may be different than the publisher’s site.
- Check the code-signing certificate and see if the publisher’s name is in the certificate. Also, the user can see which CA issued the certificate and may trust the certificate based on the CA.
Here is a trust dialogue for code that you might not trust:
The file name is “App.exe,” which is not likely specific enough. The publisher’s name is “Unknown Publisher,” which means that a public CA did not verify the code-signing certificate. The code may not be harmful, but it was likely signed with a self-issued code-signing certificate. This means you cannot trust who signed the code. Thus, you should not trust the code.
This is the fifth post in our code-signing. Check out the full list to read past entries and see what’s upcoming.