My org without a pki wants to code sign.

This topic contains 1 reply, has 2 voices, and was last updated by Profile photo of Don Jones Don Jones 1 month, 1 week ago.

  • Author
    Posts
  • #70811
    Profile photo of Dan Potter
    Dan Potter
    Participant

    If they buy a cert from Entrust and basically everyone trusts entrust, does that mean malicious code signed with an entrust cert would run on the system configured to run 'allsigned' scripts?

    Dan

  • #70846
    Profile photo of Don Jones
    Don Jones
    Keymaster

    Yup.

    And it means you'd be able to track them down because a certificate is a digital identification card.

You must be logged in to reply to this topic.