Re: selfcert and new image or pc

• Previous message: Word Heretic: "Re: "Names" Equivalent"
• In reply to: prisma: "selfcert and new image or pc"
• Messages sorted by: [ date ] [ thread ]

Date: Sat, 22 Jan 2005 14:17:20 +1100

G'day "prisma" <prisma@zonnet.nl>,

No you cannot. Most certificates rely on unique numbers for that
machine, including CPU serial numbers and OS install keys. So when you
re-install the OS or buy a new computer, that certificate is no longer
valid - I could be using a copy of your certificate to say I am you,
and that is not on.

So don't do it: you will hopelessly tangle up your security and
potentially even lock yourself right out of office altogether.

What can you do? Well, most professional development labs have a
computer dedicated to code signing. Any old box suits for this
purpose, strip its s/ware down to the minimum, only ever use to sign
code, and you minimize your need for new certificates.

Steve Hudson - Word Heretic

steve from wordheretic.com (Email replies require payment)
Without prejudice

prisma reckoned:

>Hello,
>when I use selfcert to make a digital signature in an officedocument then
>other users don't get a macrowarning (security medium). They have to trust
>me as a good source. When I get a new computer my signature is lost and I
>have to make a second signature. When I make other worddocuments with macros
>after this the second signature has to be installed on the user-computer,
>this is not the way I want it. I want to have one signature and I think it
>is possible to export your signature as a *.cer file and load it on your new
>computer after the new image. Is this possible or dangerous if you change
>your hardware and if it is possible how is it done. I don't want to pay 400
>dollar for an official signature a year.
>Thanks a lot
>
>

• Previous message: Word Heretic: "Re: "Names" Equivalent"
• In reply to: prisma: "selfcert and new image or pc"
• Messages sorted by: [ date ] [ thread ]