M
Miro
Is it just me, or is it just easier and cheaper not purchase a certificate
from someone like verisign.
Perhaps I am missing the full reason for them, but I think my simple 'new
solution' is the correct train of thought.
Please let me know if I am wrong - as my solution would not verify that the
software came from you.
To fork over another 500 bux or so for a 'certificate' is ridiculous.
It strikes me as odd, that code signing is still popular, and why something
isn't invented that points back to your .com domain name, that can verify
that the software is yours.
For example, you put a datafile on your webserver that gets hit by your
installation with a secure password and login.
Only you know the password / login and location of this file.
When the installation loads, ( and in it you specify the file / login /
password ) in your .com, the login would either pass or fail.
A pass means that the software is yours.
A fail, means it is not.
Seems pretty simple to me, and pretty hard for someone to fake - as you are
the only owner of your .com domain.
----just me rambling...
I just seem a bit ticked off that other people are profiting off a little
digital certificate that really could have been invented better so that it
didnt need to be created in the first place.
Anyone know of the cheapest place to get a certificate?
Miro
from someone like verisign.
Perhaps I am missing the full reason for them, but I think my simple 'new
solution' is the correct train of thought.
Please let me know if I am wrong - as my solution would not verify that the
software came from you.
To fork over another 500 bux or so for a 'certificate' is ridiculous.
It strikes me as odd, that code signing is still popular, and why something
isn't invented that points back to your .com domain name, that can verify
that the software is yours.
For example, you put a datafile on your webserver that gets hit by your
installation with a secure password and login.
Only you know the password / login and location of this file.
When the installation loads, ( and in it you specify the file / login /
password ) in your .com, the login would either pass or fail.
A pass means that the software is yours.
A fail, means it is not.
Seems pretty simple to me, and pretty hard for someone to fake - as you are
the only owner of your .com domain.
----just me rambling...
I just seem a bit ticked off that other people are profiting off a little
digital certificate that really could have been invented better so that it
didnt need to be created in the first place.
Anyone know of the cheapest place to get a certificate?
Miro