My org without a pki wants to code sign.

This topic contains 1 reply, has 2 voices, and was last updated by  Don Jones 3 months ago.

  • Author
    Posts
  • #70811

    Dan Potter
    Participant

    If they buy a cert from Entrust and basically everyone trusts entrust, does that mean malicious code signed with an entrust cert would run on the system configured to run 'allsigned' scripts?

    Dan

  • #70846

    Don Jones
    Keymaster

    Yup.

    And it means you'd be able to track them down because a certificate is a digital identification card.

You must be logged in to reply to this topic.