Site home page
Get alerts when Linktionary is updated
Book updates and addendums
Get info about the Encyclopedia of Networking and Telecommunicatons, 3rd edition (2001)
Download the electronic version of the Encyclopedia of Networking, 2nd edition (1996). It's free!
Contribute to this site
Electronic licensing info
Note: Many topics at this site are reduced versions of the text in "The Encyclopedia of Networking and Telecommunications." Search results will not be as extensive as a search of the book's CD-ROM.
Microsoft's Authenticode is part of its larger Internet Security Framework. It attempts to solve one of the larger questions facing the software industry today: How can users trust code that is published on the Internet? It provides a way to sign code so users know that programs obtained from the Internet are legitimate, just as shrink wrap and sealed boxes imply that off-the-shelf packaged software is authentic. Authenticode provides the following:
The basic procedure for signing code is for a publisher to get a certificate from a certification authority. The publisher then encrypts its digital signatures into the code with its private key to create a unique digital signature (note the signatures are inserted directly into the program file). The code can then be verified using functions that validate the digital signature, as discussed under "Certificates and Certification Systems." The functions indicate whether the code is valid or whether it is possibly fake or has been tampered with.
While Authenticode is a Microsoft initiative, Netscape and JavaSoft have developed their own code-signing technology called JAR (Java Archive Format). Still other vendors are developing their own technologies. The W3C (World Wide Web Consortium) at http://www.w3.org is attempting to consolidate these digital signing and certificate technologies into a single framework called the Digital Signature Initiative.
Copyright (c) 2001 Tom Sheldon and Big Sur Multimedia.