Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Signing my application
Message
From
25/10/2023 13:04:52
Daniel Gadenne
France
 
General information
Forum:
Visual FoxPro
Category:
Other
Title:
Re: Signing my application
Miscellaneous
Thread ID:
01687117
Message ID:
01687122
Views:
78
This message has been marked as a message which has helped to the initial question of the thread.
Hi Borislav,

I suppose you mean "code signing" as Dough mentioned in the paper below:
https://doughennig.com/papers/Pub/Deploying.pdf

my few cents on the subject!

I currently use an EV code signing certificate (by globalsign.com) to stamp our executables. They are not just straight vfp executables but fully packed vfp+activex+dll executables packed with boxedapp.

As far as I know a "signed executable" that would be tampered by a third party would appear as "unsigned". So this stamping certainly offers some guarantee to our customers that the code has been formally signed by us and is delivered "as is", especially on the current Internet...

The signing process is formally run as I insert a fully authenticated USB stick. Fast and easy. But the paper work that an EV certificate requires is not. At the certificate certainly has a cost. But as I could certainly not install our package in protected environments without fully EV-signed executables, I accept the associated cost. There are possibly cases where the cheaper solution (non EV solution) is enough of a protection. But I have not tested it.

Daniel
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform