Web Security, Privacy and Commerce, 2nd Edition

Chapter 22. Code Signing and Microsoft's Authenticode

Code signing is a technique for signing executable programs with digital signatures. Code signing is designed to improve the reliability of software distributed over the Internet by making it possible to detect very minor alterations to programs. Code signing is also designed to combat the problem of malicious programs, including computer viruses and Trojan horses.

This chapter describes the mechanics of code signing. For a discussion of why code signing might not provide the degree of safety its backers hope for, see Chapter 12.