使用多个时间戳服务器进行代码签名 [英] Code Signing with Multiple Timestamp servers
问题描述
关于使用signtool进行时间戳和代码签名-将来自多个时间戳颁发机构的戳记应用于签名代码是否是最佳实践?其他可能帮助我理解的相关问题:
Regarding Timestamps and code signing with signtool - is it considered a best practice to apply stamps from multiple timestamp authorities to signed code? Further related questions that may help me to understand:
-
是否可以使用不同的时间戳服务器来应用多个时间戳?
如果我对本文的理解是正确的,答案是肯定的。
请参阅: Authenticode的替代时间戳服务
如果是,多个时间戳是否提供时间戳的验证故障转移?
例如,一段代码被签名,然后由comodo和verisign加上时间戳。如果系统无法连接到verisign,如果可以连接到comodo以验证时间戳,它仍然有效吗?我假设在验证代码并检测到时间戳时,系统会将网络流量发送到时间戳机构以验证时间戳。如果不是这种情况,而只是在本地验证(一个)时间戳是由受信任的CA针对可能回答该问题的本地商店发出的。
If so, do the multiple timestamps provide validation "fail-over" of the timestamp?
For example, a piece of code is signed and then timestamped by both both comodo and verisign. If the system is unable to connect to verisign would it still be valid if it could connect to comodo to verify the timestamp? I am assuming that when code is being validated and the timestamp is detected the system sends network traffic out to the Time Stamp Authority to verify the TimeStamp. If this is not the case and it is just locally verifying that (one of?) the Time Stamp(s) was issued by a trusted CA against the local store that may answer the question.
也许要问的另一个问题是,在检查时间戳时,这是一个 AND(所有时间戳都必须是可验证的,代码才能通过检查)或或 (其中一个时间戳必须是可验证的代码才能通过检查)。
Perhaps another question to ask, when checking timestamps is this an "AND" (all timestamps must be verifiable for the code to pass check) or an "OR" (one of the timestamps must be verifiable for the code to pass check).
推荐答案
对于1),他们正在谈论故障转移,这意味着如果第一个服务器无法访问,则它们仅从第一台服务器切换到第二台服务器。无论如何,结果只是一个时间戳。
For 1), they are talking about a fail-over, which means they just switch from the first server to the second server if the first one is not reachable. In any case, the result is only one time stamp.
但是,有些人尝试应用两个签名,每个签名都有时间戳:
However, there are people who try to apply two signatures, each having its timestamp:
- How does one correctly dual-sign code with a timestamp?
- signtool failing to dual sign SHA2 and SHA1 with timestamps
对于2),一旦时间戳成为可执行文件的一部分,就不再需要连接到服务器。正如您已经假设的那样,时间戳本身就是一个签名,如果Windows信任该签名,则将其视为有效。
For 2), once the timestamp is part of the executable, there's no need to connect to the server any more. As already supposed by you, the timestamp is a signature itself and if that signature is trusted by Windows, it's given as valid.
对于3),由于缺少可用时间样本,目前我无法给出答案。
For 3), due to lack of available samples, I can't give an answer for this at the moment.
这篇关于使用多个时间戳服务器进行代码签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
