|
|
You're in the
dotnet security
group:Do all the .Net products get signed using digital signatures?
dotnet security:
Hi
This is a question for all those .Net gurus who have ssen umpteen .Net products come and go so far. The question is fairly simple -- Do the softeware houses really obtain digital signatures from (eg. Verisign) and sign their assemblies before releasing them for production? How important it is to sign the assemblies (with digital signature obtained from Verisign or otherwise) before it is installed on the client machine? More so, if the product is supposed to be a stand alone product which very rarely accesses a networked resource like a configuration file? Regards Rahul
Only if you got the money for VerySign - a StrongName will work too ;-)
Daniel Fisher(lennybacon) MCP C# ASP.NET Blog: http://www.lennybacon.com/
[quoted text, click to view]
"Rahul Kumar" <rahul.kumar.remove_it@sage.remove_it.com> wrote > [...]Do the softeware houses really obtain digital signatures from (eg. > Verisign) and > sign their assemblies before releasing them for production? How important > it > is to sign the assemblies (with digital signature obtained from Verisign > or > otherwise) before it is installed on the client machine? [...] Hi Rahul A strong name garanties referal integrity by providing a unique name. That's why versioning works with a strong name only. In addition it garanties code integrity. It uses public key encryption to create a digital signature that contains a hash of the assembly. At load time the CLR creates a hash again and "extracts" the hash embedded in the signature by using the public key. It then compares both hashes and if they are not equal the assembly has been tampered with. In this case the CLR will not load it and as a result no code gets executed. So in order to modify the assembly you need to have the private key. This is how a strong name provides code integrity. But where did the assembly come from? There is no proven identity. And this is where certificates come into play. They bind a public key to an identity. So the decision is up to you: If you know the issuer of the assembly personally and trust him there is no need for a certificate. If not, then certificates are the way to go. Hope that helps Michael -- http://staff.newtelligence.net/michaelw/
Thanks Michael for your response. However my question is - what is the
percentage of professional .Net product companies, who sign their assemblies and how many among them sign with a digital certificate? I have to make a presentation in my company to make a case in favour of signing the assemblies and preferably using digital certificates ( to increase trust and ensure that our code is not tampered with). Regards Rahul [quoted text, click to view] "Michael Willers" <michael.willers@nospam.de> wrote in message news:%23ZMdIPKpEHA.2536@TK2MSFTNGP10.phx.gbl... > "Rahul Kumar" <rahul.kumar.remove_it@sage.remove_it.com> wrote > > > [...]Do the softeware houses really obtain digital signatures from (eg. > > Verisign) and > > sign their assemblies before releasing them for production? How important > > it > > is to sign the assemblies (with digital signature obtained from Verisign > > or > > otherwise) before it is installed on the client machine? [...] > > Hi Rahul > > A strong name garanties referal integrity by providing a unique name. That's > why versioning works with a strong name only. In addition it garanties code > integrity. It uses public key encryption to create a digital signature that > contains a hash of the assembly. At load time the CLR creates a hash again > and "extracts" the hash embedded in the signature by using the public key. > It then compares both hashes and if they are not equal the assembly has been > tampered with. In this case the CLR will not load it and as a result no code > gets executed. So in order to modify the assembly you need to have the > private key. > This is how a strong name provides code integrity. But where did the > assembly come from? There is no proven identity. And this is where > certificates come into play. They bind a public key to an identity. > So the decision is up to you: If you know the issuer of the assembly > personally and trust him there is no need for a certificate. If not, then > certificates are the way to go. > > Hope that helps > Michael > > -- > http://staff.newtelligence.net/michaelw/ > >
Hi Rahul,
One thing you might want to consider is that signing with an authenticode certificate, while it will provide assurance that you are who you say you are, also has the downside that when loading the assembly, the CLR has to verify the entire certificate chain, so assembly load times will be slower than with strongly named assemblies. I'm not trying to discourage the use of authenticode, however that data point is good to have when you are deciding between the signature technologies. -Shawn http://blogs.msdn.com/shawnfa -- This posting is provided "AS IS" with no warranties, and confers no rights. Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated. -------------------- [quoted text, click to view] > From: "Rahul Kumar" <rahul.kumar.remove_it@sage.remove_it.com> cpmsftngxa06.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP11> References: <e77nL#IpEHA.536@TK2MSFTNGP11.phx.gbl> <#ZMdIPKpEHA.2536@TK2MSFTNGP10.phx.gbl> > Subject: Re: Do all the .Net products get signed using digital signatures? > Date: Tue, 28 Sep 2004 10:42:57 +0100 > Lines: 57 > X-Priority: 3 > X-MSMail-Priority: Normal > X-Newsreader: Microsoft Outlook Express 6.00.2800.1409 > X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 > Message-ID: <Og29K9TpEHA.2684@TK2MSFTNGP11.phx.gbl> > Newsgroups: microsoft.public.dotnet.security > NNTP-Posting-Host: 213.48.94.64 > Path: .phx.gbl [quoted text, click to view] > Xref: cpmsftngxa06.phx.gbl microsoft.public.dotnet.security:7520
> X-Tomcat-NG: microsoft.public.dotnet.security > > Thanks Michael for your response. However my question is - what is the > percentage of > professional .Net product companies, who sign their assemblies and how many > among them sign with a digital certificate? I have to make a presentation in > my company to make a case in favour of signing the assemblies and preferably > using digital certificates ( to increase trust and ensure that our code is > not tampered with). > > Regards > > Rahul > > "Michael Willers" <michael.willers@nospam.de> wrote in message > news:%23ZMdIPKpEHA.2536@TK2MSFTNGP10.phx.gbl... > > "Rahul Kumar" <rahul.kumar.remove_it@sage.remove_it.com> wrote > > > > > [...]Do the softeware houses really obtain digital signatures from (eg. > > > Verisign) and > > > sign their assemblies before releasing them for production? How > important > > > it > > > is to sign the assemblies (with digital signature obtained from Verisign > > > or > > > otherwise) before it is installed on the client machine? [...] > > > > Hi Rahul > > > > A strong name garanties referal integrity by providing a unique name. > That's > > why versioning works with a strong name only. In addition it garanties > code > > integrity. It uses public key encryption to create a digital signature > that > > contains a hash of the assembly. At load time the CLR creates a hash again > > and "extracts" the hash embedded in the signature by using the public key. > > It then compares both hashes and if they are not equal the assembly has > been > > tampered with. In this case the CLR will not load it and as a result no > code > > gets executed. So in order to modify the assembly you need to have the > > private key. > > This is how a strong name provides code integrity. But where did the > > assembly come from? There is no proven identity. And this is where > > certificates come into play. They bind a public key to an identity. > > So the decision is up to you: If you know the issuer of the assembly > > personally and trust him there is no need for a certificate. If not, then > > certificates are the way to go. > > > > Hope that helps > > Michael > > > > -- > > http://staff.newtelligence.net/michaelw/ > > > > > > >
Don't see what you're looking for? Try a search.
|
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
| home · blog · groups | Questions? Comments? Contact the dn |