Virtualization - Data Storage - Security

Katharine Hadow

Subscribe to Katharine Hadow: eMailAlertsEmail Alerts
Get Katharine Hadow: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Related Topics: SSL Journal, Security Journal

SSL Journal: Press Release

Developers and End Users Benefit from Code-signing Certificates

Code-Signing Certificates Facilitate Online Software Sale and Exchange

Jersey City, NJ, November 18, 2009 - Buying or borrowing software on the Internet carries risks, both for the developer and for the person who plans to use it. End users who install malicious software in their computers may lose their purchase price. Worse, they may risk damaging their computers. Developers risk that someone may intercept their software file and alter it, adding deleterious code. Such alterations could damage their professional reputations.

Developers who sell or exchange software can protect their code and their reputations by using code-signing certificates. Code-signing certificates create X.509 data files called “signatures” that developers can attach to their software files. The signature disappears from the software if anyone (including the developer) alters the code.

The digital signature functions as tamper-proof packaging for intangible files exchanged on the Internet; absence of packaging signals a quality problem.

Code-signing certificates protect end users who purchase software from unfamiliar developers, or who download it from open sources. Major browsers now check for code-signing certificates when Internet users download software; if the software is unsigned, the browser shows the Internet user a warning message.

By the same token, code-signing certificates protect developers. Software that appears to come from an honest developer might have been altered to delete important files once installed, or to cause similar problems. The digital signature verifies that the file does, indeed, come unaltered from the developer, and that it has not been changed.

Code-signing certificates can be especially useful for open-source developers, posting their software on bulletin boards for anyone to use or modify. Such developers build reputations based on the quality of their software; their digital signatures prove that the posted software is truly theirs.

Code-signing certificates are available for terms of one to three years, and may be used to sign as many files as a developer can produce during that span.

For more information about code-signing certificates, visit http://www.instantssl.com/code-signing/code-signing.html

About Comodo

Comodo is a leading brand in Internet security, covering an extensive range of security software and services, including digital certificates, PCI scanning, desktop security, online faxing, and computer technical support services.

Businesses and consumers worldwide recognize Comodo as standing for security and trust. Comodo products secure and authenticate online transactions for over 200,000 businesses and have more than 18,000,000 installations of Comodo desktop security software, including an award-winning firewall and antivirus software offered at no charge.

The Comodo family of companies is committed to continual innovation, core competencies in PKI, authentication, and malware detection and prevention.  As a catalyst in eliminating online crime, the companies' mission is to establish a Trusted Internet.

With US headquarters overlooking Manhattan on New Jersey's waterfront, and global resources in United Kingdom, China, India, Ukraine, and Romania, Comodo products offer intelligent security, authentication, and assurance.

Comodo -- Creating Trust Online®. For more information, visit Comodo's website.

More Stories By Katharine Hadow

Katharine Hadow is a marketing communications professional in New Jersey, USA