Re: driver signing - what am I missing?
- From: "Thomas F. Divine" <tdivine@NOpcausaSPAM>
- Date: Tue, 20 Feb 2007 23:16:25 -0500
If the driver has a WHQL test, then you need a WHQL signature to have a seamless install.
If the driver does not have a WHQL test, then self-sign is all you can do.
Thomas F. Divine
"Owen Smith" <osmith@xxxxxxxxxx> wrote in message news:op.tn14zs2mmlchdc@xxxxxxxxxxxx
On Vista x86, Authenticode signing will pop up a not so scary dialog to
Install / Not Install software from this certificate's name, with the
option to always trust this certificate. Without the signature, a big red
dialog pops up that can be hard to spot the "yes i really want to install
it" button.
On Vista x64, you must have an Authenticode signature or WinQual signature
On Tue, 20 Feb 2007 14:42:38 -0000, Benji <benji@xxxxxxxxxxxxxxxx> wrote:
Thank you for your reply,
if I understood you right the only way to get rid of that messagebox on
Windows XP as well as on Windows Vista x86 is to do the WinQual signing, is
it? But what is this authenticode signing good for?
Benji
"Maxim S. Shatskih" <maxim@xxxxxxxxxxxxxxxx> schrieb im Newsbeitrag
news:%23ZVo80OVHHA.3652@xxxxxxxxxxxxxxxxxxxxxxx
want to install the driver on a different machine on Windows XP there is
still that message box coming up regarding Windows Logo test. Do I have
to
Correct.
There are 2 kinds of driver signing - DRM signing and WinQual signing.
DRM signing:
- the goal is to prevent the DRM-violating software development
- only on Vista x64
- checked on load, you cannot load the kernel module to Vista x64 without
the
"DRM-signing" signature (except some debugging shortcuts).
- it does not require any testing or any submissions to MS. You must just
have
a corporate cert from one of the MS-approved list of the authorities like
Verisign. You do signing yourself.
WinQual signing:
- the goal is to improve Windows quality by spitting the warnings on the
drivers which were not properly tested _at MS themselves_.
- since w2k
- lack of signature causes the WinQual warnings, or even driver ailure -
this
is governed by the Group Policy setting I think.
- requires passing of DTM tests (previously HCT)
- requires submission to MS. In fact, only MS can create these signatures.
- you do DTM tests on your driver package (driver+INF+possible DLLs) - and
submit the _binaries_ to MS. MS returns you the signed package, the
signature
is in the .cat file.
- each such submission costs around USD 2000.
- yes, each source code patch = new submission.
You did the first signing and not the second.
--
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
maxim@xxxxxxxxxxxxxxxx
http://www.storagecraft.com
--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
.
- References:
- Re: driver signing - what am I missing?
- From: Owen Smith
- Re: driver signing - what am I missing?
- From: Benji
- Re: driver signing - what am I missing?
- From: Maxim S. Shatskih
- Re: driver signing - what am I missing?
- From: Benji
- Re: driver signing - what am I missing?
- From: Owen Smith
- Re: driver signing - what am I missing?
- Prev by Date: Re: CreateFile on interface now fails under x64
- Next by Date: Re: I/O Completion Issue inside the System process
- Previous by thread: Re: driver signing - what am I missing?
- Next by thread: RAID sources
- Index(es):
Relevant Pages
|
