<extreme frustration>

I have googled and read about this, but can't seem to get a grip on it.
Apparently I am being coerced into digitally signing applications. Is this
true? What if I don't want to?

The basic question is: If I click the "Create Test Certificate" button on
the Signing tab of the properties for my application so I can publish it,
what happens when I distribute the application?

- Will users be challenged installing the application because they have
to install a certificate?

- Will users be getting scary warnings they don't understand because its
not a 'real' certificate?

- Will users come screaming in one year because the certificate has
expired?

- Will I have to provide new certificates every year to every user
forever?

What the heck is the point of this? I don't see it as a meaningful security
enhancement.

It is useful to be able to sign an application, but it is not something
which should be forced down my throat. Let ME decide if I want to digitally
sign my application!

Background:

After installing VS2008, when I try to publish a vb.net windows application
I get the failure message "The signer's certificate is not valid for
signing."

I unchecked the checkbox "sign the click once manifests" on the signing tab,
but it checks itself. GRR!

</extreme frustration>

Thanks
Bill

I'm told you can turn off signing with VS2008 Service pack 1.

Quote:

- Will users be challenged installing the application because they have
to install a certificate?

Yes, but with a cert they can trust your company if they want, preventing
further checks.

Quote:

>
- Will users be getting scary warnings they don't understand because
its not a 'real' certificate?

Yes

Quote:

>
- Will users come screaming in one year because the certificate has
expired?
>

Yes, and will cause problems for existing deployed applications.

Quote:

- Will I have to provide new certificates every year to every user
forever?

depends on the cert duration.

Quote:

>
What the heck is the point of this? I don't see it as a meaningful
security enhancement.

User can be sure the application came from the company where the cert
claims, and that the software has not been modified by a differnt party. The
cert can also be revoked if needed.

Eric


"BillE" <belgie@datamti.comwrote in message
news:%23k9UfBjKJHA.1156@TK2MSFTNGP05.phx.gbl...

Quote:

<extreme frustration>
>
I have googled and read about this, but can't seem to get a grip on it.
Apparently I am being coerced into digitally signing applications. Is
this true? What if I don't want to?
>
The basic question is: If I click the "Create Test Certificate" button on
the Signing tab of the properties for my application so I can publish it,
what happens when I distribute the application?
>
- Will users be challenged installing the application because they have
to install a certificate?
>
- Will users be getting scary warnings they don't understand because
its not a 'real' certificate?
>
- Will users come screaming in one year because the certificate has
expired?
>
- Will I have to provide new certificates every year to every user
forever?
>
What the heck is the point of this? I don't see it as a meaningful
security enhancement.
>
It is useful to be able to sign an application, but it is not something
which should be forced down my throat. Let ME decide if I want to
digitally sign my application!
>
Background:
>
After installing VS2008, when I try to publish a vb.net windows
application I get the failure message "The signer's certificate is not
valid for signing."
>
I unchecked the checkbox "sign the click once manifests" on the signing
tab, but it checks itself. GRR!
>
</extreme frustration>
>
Thanks
Bill
>