485
edits
Codesigning : Part 1 : The Request: Difference between revisions
Codesigning : Part 1 : The Request (view source)
Revision as of 16:44, 29 January 2020
, 29 January 2020no edit summary
mNo edit summary |
mNo edit summary |
||
| Line 11: | Line 11: | ||
The main difference is the certificate chain you get to use and the associated trust that they claim that this will provide (according to the <s>snake oil vendor</s> Certificate Authority). | The main difference is the certificate chain you get to use and the associated trust that they claim that this will provide (according to the <s>snake oil vendor</s> Certificate Authority). | ||
The sales item you sometimes see where they talk about how high the warranty is? It's bogus as there is literally nobody ever who has been able to claim such an insurance. [https://www.troyhunt.com/extended-validation-certificates-are-dead/ 1] | The sales item you sometimes see where they talk about how high the warranty is? It's bogus as there is literally nobody ever who has been able to claim such an insurance. [https://www.troyhunt.com/extended-validation-certificates-are-dead/ 1] [https://scotthelme.co.uk/do-ssl-warranties-protect-you-as-much-as-rocks-keep-tigers-away/ 2] | ||
For a codesign certificate you have to go through a process with the supplier of the certificate where you can proof you are who you are. | For a codesign certificate you have to go through a process with the supplier of the certificate where you can proof you are who you are. | ||
| Line 22: | Line 22: | ||
=== Creating a CSR via a browser === | === Creating a CSR via a browser === | ||
This is a bit of a weird process as not all browsers are supported and even when the Certificate Authority (CA) website say things like "Firefox is supported".. well that is history already as the old keygen interface most of the Certificate Authorities depend on [https://www.fxsitecompat.dev/en-CA/docs/2019/keygen-support-has-been-dropped/ has been removed] and they do not yet support the new WebCrypto functionality provided by all modern browsers. [https://textslashplain.com/2020/01/19/retiring-internet-explorer/ | This is a bit of a weird process as not all browsers are supported and even when the Certificate Authority (CA) website say things like "Firefox is supported".. well that is history already as the old keygen interface most of the Certificate Authorities depend on [https://www.fxsitecompat.dev/en-CA/docs/2019/keygen-support-has-been-dropped/ has been removed] and they do not yet support the new WebCrypto functionality provided by all modern browsers. [https://textslashplain.com/2020/01/19/retiring-internet-explorer/ 3] So utterly confusing. | ||
The only one that does work, AFAICT on January 2020, is ... Internet Explorer. | The only one that does work, AFAICT on January 2020, is ... Internet Explorer. | ||
| Line 98: | Line 98: | ||
1. https://www.troyhunt.com/extended-validation-certificates-are-dead/ | 1. https://www.troyhunt.com/extended-validation-certificates-are-dead/ | ||
2. https://textslashplain.com/2020/01/19/retiring-internet-explorer/ | 2. https://scotthelme.co.uk/do-ssl-warranties-protect-you-as-much-as-rocks-keep-tigers-away/ | ||
3. https://textslashplain.com/2020/01/19/retiring-internet-explorer/ | |||
[[Category:Development Tools]] | [[Category:Development Tools]] | ||
[[Category:How To]] | [[Category:How To]] | ||