Comodo Certificate Order [August 25, 2015]

[NewsArchive]

Wasn't that supposed to be good for glaucoma anyway???

Jane Fleming

[NewsArchive]

Jane,

> Wasn't that supposed to be good for glaucoma anyway???

It's good for a lot of things, or so Sanjay says.<g>

I don't have glaucoma but I do have the early stages of cataracts...
that's close enough, right?!<g> (no worries - purely age related)

Lee White

[NewsArchive]

Lee,

Cataracts are a lot less of an issue than back when you were a pup. I've
watched a lot of IOL surgeries. Patients are amazed at how well they can
see the very next day.

OTOH... if you prefer herbal therapy ;-)

jf

[NewsArchive]

So after my earlier post, I delayed doing productive work for a half hour
this morning whilst spelunking through crannies of the D&B website.
Wish I could point to the specific link... but I was heartened by one of
their dropdowns promising the ability to edit information without paying
them.
So I did create a free account, and that let me zap the invalid phone
number. Unfortunately, it wouldn't let me just leave the phone blank.

Of course... it might be fun to set the phone number on D&B to Comodo's
number <G>

Cheers, all,

Jane

[NewsArchive]

Jane,

> OTOH... if you prefer herbal therapy ;-)

Getting back to nature!<g>

Lee White

[NewsArchive]

> But Microsoft will cease trusting Code
> Signing Certificates using SHA-1 on January 1, 2016.

Does that mean that all previously distributed EXE etc become invalid??????

Don't make me nervous, man!



Regards,
Wolfgang Orth
www.odata.de

[NewsArchive]

Hi Wolfgang,

> Does that mean that all previously distributed EXE etc become
> invalid??????
>
> Don't make me nervous, man!

Windows will stop accepting SHA-1 code-signed files that are time stamped
AFTER 1 January 2016. SHA-1 code-signed files time stamped by an RFC 3161
Time Stamp Authority BEFORE 1 January 2016 will be accepted until such time
when Microsoft decides SHA-1 is vulnerable to pre-image attack.

Friedrich

[NewsArchive]

> Don't make me nervous, man!

By the way, I think my answer was not quite clear. Yes, all previously
code-signed EXE/DLL/etc. files become invalid if they were code signed using
the "standard" Microsoft Authenticode compatible time stamp. To support
older Windows operating systems and new UAC-aware Windows after 1 January
2016, you have to dual SHA-1/SHA-2 code-sign using Microsoft Authenticode
compatible time stamp and RFC 3161 compliant trusted time stamp servers
(SHA-2 compatible code-signing certificate is required).

Of course, the upcoming SetupBuilder 10 can handle this for you (dual
SHA-1/SHA-2 code-sign your application files and the setup.exe).

Friedrich

[NewsArchive]

Friedrich,

> Yes, all previously
> code-signed EXE/DLL/etc. files become invalid if they were code signed using
> the "standard" Microsoft Authenticode compatible time stamp.

So everything that's already been signed is suddenly invalid and has
to be redone??? Seriously?!

So old signed installs and install contents have to be re-signed and
uploaded... that's a lot of stuff to contend with, a LOT of stuff!

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Creative Reporting: http://www.CreativeReporting.com

Product Release & Update Notices
http://twitter.com/DeveloperPLUS

Windows 8 brings us "The Oval, Bumper Car, Roller Coaster of Wait!"
And, now, Windows 10 brings us "The Inch Worm, Bumper Car of Wait!"


The life of a Clarion Developer: https://youtu.be/ozitqabi6UM

[NewsArchive]

Lee,

> So everything that's already been signed is suddenly invalid and has
> to be redone??? Seriously?!

Yes, that's the plan if the files are not time stamped by an RFC 3161 Time
Stamp Authority before 1 January 2016 <bg>

> So old signed installs and install contents have to be re-signed and
> uploaded... that's a lot of stuff to contend with, a LOT of stuff!

Ohhh yes. I am busy re-compiling all my original application files, all the
core redistributables, etc. Tons of stuff, terabytes of data.

Friedrich