Please continue the driver signing discussion here.
The original thread was locked, because it became too long to reliably render online in most browsers (close to 250 replies).
Sorry for the inconvenience, but I’m not recoding the forum interface right now to accommodate this type of thread.
Peter
OSR
@OSRDrivers
Original thr ad for easy reference(tons of good info and discussion here):
http://www.osronline.com/showthread.cfm?link=268241
Peter
OSR
@OSRDrivers
xxxxx@osr.com wrote:
> … Thus, if you’re Big Company X that’s incorporated in Ireland,
> US headquarters in California, development teams around the world,
> and a product group in Colorado, how does that Colorado group get
> THE Corporate EV Cert to use for signing the products they release
> to the web? It’s unworkable. Again, this is purely speculation
> on my part.
The “Big Company” solution is to use a networked HSM (Hardware Security
Module). I know of two big companies using this one:
Install the corporate EV Cert on the HSM, and developers at far flung
locations can sign their products with it.
I have no idea how much one of these things costs. I’m sure it’s crazy expensive.