Online security and SSL certificate authority DigiCert announced on Tuesday that it is now offering extended validation code signing certificates, a new product it refers to as a ?major breakthrough in application code security.?
According to the announcement, the EV code signing certificates apply the strict validation procedures of the extended validation in the SSL realm to the code signing certificate, ensuring the integrity of downloadable applications, including the strict requirements laid out by both the CA/Browser Forum and Microsoft.
Ensuring an additional layer of security, the certificates require a hardware token to receive and install, along with the rigorous vetting of the identity of the individual receiving the certificate.
DigiCert made its EV SSL certificates available to web hosting providers to resell back in July.
Developers using the EV code signing certificates, says DigiCert, can immediately establish an initial reputation with SmartScreen reputation services, for Windows 8, Internet Explorer 9 and Internet Explorer 10, even if the file or the publisher has no previous reputation.
DigiCert says the EV code signing certificates also help ensure that reputations established with certificates remain intact across renewals.
?DigiCert?s? EV Code Signing Certificates can be trusted by Microsoft SmartScreen reputation services starting today, meaning that application developers can establish reputation in Windows 8 and Internet Explorer 9 and 10 immediately,? says DigiCert CEO Nicholas Hales, quoted in the press release. ?Additionally, developers can rely upon DigiCert as a code-signing partner committed to high assurance and customer support to take care of any needs they might have throughout the lifecycle of their certificate.?
According to the DigiCert website, along with Microsoft products using SmartScreen, the EV code signing certificates support all the major platforms supported by its regular code signing certificates, including Microsoft Authenticode and kernel mode, Visual Basic Applications and Office, Adobe, Java and Mac OSX.
?We are pleased to support the certificate authority industry?s introduction of Extended Validation Code Signing Certificates as a step forward to help ensure developer identity, code signing security and user safety,? says Microsoft general manager of safety services, John Scarrow, also quoted in the release. ?These new certificates provide deep verification of developer identity and, in addition, require a hardware element to further secure the code signing process.?
A price and feature comparison chart on the DigiCert website lists the EV code signing certificates at $449 per year, slightly more than double the $223 per year charged for the regular code signing certificates.
Talk back: Do you see the value of extended validation in code signing certificates (or at all)? Is there a market for code signing certificates among your customers? Have you had success promoting extended validation in SSL as a product? Let us know in the comments.
About Liam Eagle
Liam Eagle has worked as a contributor to the Web Host Industry Review since its inception in 2000, and as editor since 2003. He has been editor of the WHIR's print magazine since its launch. His daily involvement in the gathering and reporting of Web hosting news and his regular interaction with Web hosting leaders gives him an uncommonly broad appreciation of the issues and tends facing the business. Through his WHIR blog, Liam spots Web hosting trends and offers opinions on the industry-wide impacts of major developments and the motivation behind big announcements. Follow him on Twitter @liameagle
No related posts.
wrestlemania country music awards 2012 wrestlemania 28 results earl scruggs game of thrones game of thrones season 2 wrestlemania 28
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.