top | item 45019734

(no title)

r1ch | 6 months ago

This is the same direction that Microsoft is taking Windows. Smart App Control is already rolling out to some regions - no .exe will run without a code signing certificate.

https://learn.microsoft.com/en-us/windows/apps/develop/smart...

discuss

kiicia|6 months ago

Code signing by pseudonymous key is different that requirement to cede personal data to central registry

ack_complete|6 months ago

It requires a code signing certificate from one of the trusted central authorities, and generally as an individual you must have your legal name on the code signing certificate. It's not pseudonymous.

ozim|6 months ago

Code signing is somewhat OK as I can get code signing cert using provider in my country that I can go to physically and show their employee my ID.

If google does that then it’s not the worst.

Worst is having to get my ID and all details scanned and processed by Google.

tensor|6 months ago

I really wish Microsoft made it cheaper to get a certificate. With Apple you pay $100 a year for any number of certs. Last I looked into it a cert for a single Windows app costs $400+ per year and requires a hardware token.

evanelias|6 months ago

They greatly improved the situation over the past couple years. Azure Trusted Signing is only $10/month and provides cloud-based signing.

It's a huge pain to set up initially, but it's smooth sailing after that. There's a good tutorial at https://melatonin.dev/blog/code-signing-on-windows-with-azur...

egorfine|6 months ago

I really wish for people to not bend for that.