对可执行文件进行数字签名有多重要？ [英] How important is it to digitally sign our executables?

问题描述

我们创建了内容管理系统。这是一个基于数据库的系统，仅供企业和组织使用，并且永远无法从Internet下载。也就是说，它不是人们可能偶然发现的那种软件，也不知道它是什么以及它是否可以安全运行。我们的系统已销售20多年，其可执行文件从未经过数字签名。我们是时候开始签约了吗？

We produce a content management system. It's a database-based system, used only by businesses and organizations, and never downloadable from the Internet. That is, it's not the kind of software someone might stumble upon and wonder what it is and whether it's safe to run. Over the 20+ years our system is being sold, its executables have never been digitally signed. Is it time for us to start signing them?

对于初学者来说，我可以想到一些利弊：

For starters, I can think of a few pros and cons:

• Pro：如果使用Verisign证书，则 Windows错误报告可以使用


• 专业版：当Windows Vista和Windows 7显示烦人的 UAC 消息，对签名的应用程序的展示会更好


• 骗局：证书要花钱。


• Con：签名有一些维护开销，我不知道多少。

• Pro: If using Verisign certificates, Windows Error Reporting can be used
• Pro: When Windows Vista and Windows 7 show one of those annoying UAC messages, signed applications are presented a bit more nicely
• Con: Certificates cost money. Not a lot, but if they're useless it's too much
• Con: Signing has some maintenance overhead, how much I don't know.

推荐答案

在技术方面，您已经说过了优点/缺点。

From the tech side you already stated the pros/cons.

从业务的角度来看，这取决于您的用户，也许，如果您正在出售B2B，就好像是在出售B2C一样，还是对于精明的用户（他们会欣赏到更好的UAC消息）都没关系。

From the business point of view it depends on your users, maybe if you are selling B2B it wouldn’t matter as if you were selling B2C or to less savvy users whom would appreciate more a nicer UAC message.

老实说，我不会担心...。如果您没有强烈的需求并且找不到真正好的理由，那么这并不重要。

Honestly, I wouldn’t worry.... If you haven’t had the urge and can't find a really good reason, then it’s not important yet.

我宁愿花费那些努力来改善其他方面。

I'd rather spend those efforts improving something else.

这篇关于对可执行文件进行数字签名有多重要？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！