Deploying Authenticode with cryptographic hardware for secure software publishing
This paper describes the role of Microsoft Authenticode code-signing and time-stamping in establishing user trust in code that is published online. It provides an overview of the Authenticode code-signing and time-stamping process and examines the role of public key cryptography in proving the identity of the code publisher and proving that code has not been tampered with since original publication. The paper looks at the importance of protecting the credentials that underpin Authenticode and the role of cryptographic hardware in securing digital keys and certificates.
At Microsoft TechNet.
[ Read more ]