Security Basics mailing list archives
Re: Code signing possible of Linux?
From: Alexander Klimov <alserkli () inbox ru>
Date: Tue, 18 Oct 2005 18:37:33 +0200 (IST)
On Mon, 17 Oct 2005, Saqib Ali wrote:
However I would like build this platform on a Linux architecture. I understand that Authenticode for Code Signing is a Microsoft technology, and SignCode.exe is only available for Win32 platform. I was wondering if there any solutions available to sign binaries using the Verisign's Software Publishing Certificates (Authenticode) on a Linux platform?
There are two approaches: * sign distribution package and check before installation, * sign executables and check before each execution. IIUC Authenticode is the first approach. The similar approach used by almost every linux distribution: usually they use GPG signatures to ensure that the package is not changed. If you want to use Authenticode itself (not sure how useful are signed windows programs on linux :-) you probably should check MS web site [1]: Microsoft is committed to ensuring that this technology is implemented on UNIX and the Macintosh platforms. For the second approach consider DigSig [2]. [1] http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnauth/html/signfaq.asp [2] http://sourceforge.net/projects/disec -- Regards, ASK
Current thread:
- Code signing possible of Linux? Saqib Ali (Oct 18)
- Re: Code signing possible of Linux? Alexander Klimov (Oct 18)
- Re: Code signing possible of Linux? Saqib Ali (Oct 18)
- Re: Code signing possible of Linux? Alexander Klimov (Oct 18)