问题
When distributing Software (by Microsoft ClickOnce), are there downsides on using an existing Driver Signing Certificate (from GoDaddy) for Code Signing?
回答1:
There shouldn't be any difference using a kernel code certficate instead of a normal Code-Signing-Certificate. They are both based on the Microsoft Authenticode system but they are - for what I know - on a different level of trust:
- Code-Signing-Certificates: Class 2
- Microsoft-Kernel Code: Class 3
(based on https://www.startssl.com/?app=40 and other CAs)
So basically it's like using a S/MIME Class 2 Certificate instead of Class 1. It offers more 'Security' (more owner validation) but does it job like the Class 1 one.
来源:https://stackoverflow.com/questions/16245006/using-driver-signing-certificate-for-code-signing