Thursday, May 30, 2024
No menu items!
HomeCloud ComputingUnderstanding Microsoft’s Trusted Signing service

Understanding Microsoft’s Trusted Signing service

How do we ensure that the code we’re installing is, at the very least, the code that a vendor shipped? The generally accepted solution is code signing, adding a digital signature to binaries that can be used to ensure authorship. At the same time, the signature includes a hash that can be used to show that the code you’ve received hasn’t been altered after it’s been signed.

Code signing is increasingly important as part of ensuring software bills of materials and reducing the risks associated with malware hijacking legitimate binaries. Signing is necessary if you’re planning on using services like the Microsoft Store or the Windows Package Manager to distribute your applications, allowing the repository to verify software sources.

To read this article in full, please click here

InfoWorld Cloud ComputingRead More



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments