Printer Friendly
Dictionary, Encyclopedia and Thesaurus - The Free Dictionary
3,906,581,696 visitors served.
forum Join the Word of the Day Mailing List For webmasters
?
Dictionary/
thesaurus
Medical
dictionary
Legal
dictionary
Financial
dictionary
Acronyms
 
Idioms
Encyclopedia
Wikipedia
encyclopedia
?

code signing

   Also found in: Wikipedia 0.01 sec.
code signing
A method of ensuring that an executable program has come from a valid software publisher and has not been altered by anyone in between. Also known as "object signing," an EXE, CAB, driver or other executable file is digitally signed and transmitted along with a digital certificate from a certification authority (CA) such as VeriSign (www.verisign.com) or Thawte (www.thawte.com).

Verifying the Signed Certificate
After the code-signed executable is downloaded from a Web site, its certificate is extracted by the user's browser. From an internal list of certificate authorities (CAs) and their public keys, the browser uses the appropriate public key to verify the signature in the certificate. Once verified, it means that the software publisher is who it claims to be, and the public key in the certificate belongs to that publisher.

Verifying the Signed Executable
Next, the publisher's public key is used to verify the signature created from the executable's binary content. The public key decrypts the signature back into the digest, which is compared to the newly computed digest at the client side. If they match, the executable is verified to have come from the publisher without being tampered with. For more on certificate verification, see digital certificate and digital signature.

Object and Code Signing
Although both terms are used interchangeably, object signing refers to any files delivered in this manner, while code signing refers specifically to executables, which is the major concern these days when downloading so many active elements from the Internet. Authenticode is Microsoft's code signing system, and Object Signing is Netscape's system.

The Code Signing Process
The combination of the signed digital certificate and the signed executable file ensures that the executable has come from a valid publisher and has not been tampered with.
Want to thank TFD for its existence? Tell a friend about us, add a link to this page, add the site to iGoogle, or visit the webmaster's page for free fun content.
?Page tools
Printer friendly
Cite / link 		Feedback
Mentioned in?  References in periodicals archive?   Encyclopedia browser?   Full browser?
No references found
 
According to the company, Microsoft will use VeriSign Secure Sockets Layer (SSL) Certificates and VeriSign Code Signing Certificates to safeguard cloud-based services and applications developed and deployed on the Windows Azure platform.
VeriSign to provide security and authentication for Windows Azure ... by Worldwide Computer Products News
Meanwhile, SSL certificate provider VeriSign said Monday that it is launching a free program that will revoke and replace any SSL, code signing or client certificate.
Debian random key generator flaw could persist by Dan Kaplan / SC Magazine
From an operator's perspective, code signing provides a mechanism for identifying, tracking, and even revoking an application if it starts misbehaving on its network.
Smartphone security: here's how to start securing smartphones and the ... by Vacca, John R. / Mobile Business Advisor
 
 
 
Encyclopedia
?

Terms of Use | Privacy policy | Feedback | Advertise with Us | Copyright © 2012 Farlex, Inc.
Disclaimer
All content on this website, including dictionary, thesaurus, literature, geography, and other reference data is for informational purposes only. This information should not be considered complete, up to date, and is not intended to be used in place of a visit, consultation, or advice of a legal, medical, or any other professional.