Security Basics mailing list archives

Re: Code signing possible of Linux?


From: Alexander Klimov <alserkli () inbox ru>
Date: Tue, 18 Oct 2005 18:37:33 +0200 (IST)

On Mon, 17 Oct 2005, Saqib Ali wrote:
> However, I would like to build this platform on a Linux architecture. I
> understand that Authenticode for Code Signing is a Microsoft
> technology, and SignCode.exe is only available for the Win32 platform. I
> was wondering if there are any solutions available to sign binaries using
> Verisign's Software Publishing Certificates (Authenticode) on a
> Linux platform?

There are two approaches:
 * sign distribution package and check before installation,
 * sign executables and check before each execution.

IIUC Authenticode is the first approach. A similar approach is used by
almost every Linux distribution: usually they use GPG signatures to
ensure that the package has not been changed.

If you want to use Authenticode itself (not sure how useful signed
Windows programs are on Linux :-) you should probably check the MS web
site [1]:
  Microsoft is committed to ensuring that this technology is
  implemented on UNIX and the Macintosh platforms.

For the second approach consider DigSig [2].

[1] http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnauth/html/signfaq.asp

[2] http://sourceforge.net/projects/disec

-- 
Regards,
ASK

