Windows code signing

[J. Landman Gay]

On 1/14/11 1:14 PM, Bob Sneidar wrote:
> Whoa a one time fee? I thought the certificate was a one year certificate?

According to what I've read, you do need to renew the certificate after 
it expires. You can purchase certificates for 1,2, or 3 year periods. 
But if you date your app (there's some approved way to do that, it 
embeds a date into certification) then you don't have to renew, the 
embedded date will allow your certificate to continue working after it 
expires -- or at least, no warning appears.

I appreciate everyone's comments. I just can't see spending much money 
on an app that I won't get any return from, even if it's just the $75 
one-year certificate. I have myself run so-called untrusted Windows apps 
and I'm hoping most people do what I do: trust their virus software and 
click "Continue".

Bill, I hope you do write up the code-signing process though. Eventually 
we'll all need to do it and anything you can provide will help. I was 
reading the requirements and if the cost hadn't put me off, the 
procedure certainly would. It's complex and ugly.

I understand why MS needs to do this, given the tremendous amount of 
malware aimed at that OS, but I feel abused by it and I want to be mad 
at somebody -- only there isn't anyone to be angry at. Microsoft for 
allowing the situation in the first place? That's blood under the 
bridge. The malware authors who took advantage of the situation? It 
would happen on any OS. I suppose I could holler at my husband, he's 
pretty used to it.

-- 
Jacqueline Landman Gay         |     jacque at hyperactivesw.com
HyperActive Software           |     http://www.hyperactivesw.com