How big a deal
is it?"> You might be thinking now: "$500! Im in the wrong business!" And theres something to that thought. But, according to VeriSign, it doesnt just run a program to generate the signature and mail it off to you. The company does actual research to make sure that the entity that applied for the certificate is who it says it is and that it is a real organization. I spoke to VeriSign about this about a year ago related to abuse of code-signing certificates raised by Ben Edelman. (I had to amend that column, but I think the basic points remained valid.) At the time, VeriSign referred me to a policy document on its site that listed all the rules it follows. That document isnt where it was back then, but this one appears to describe all the rules.Are these requirements onerous? I have seen assertions (see this discussion on the matter) that only corporate entities can obtain a Class 3 certificate, but the VeriSign document doesnt seem to require it. It does require for individuals that the subscriber agreement be notarized and accompanied by three forms of identification. So, its going to cost some money to get one, but not big money, and its not that hard to do. The requirement for kernel-mode drivers to be signed isnt the only new one in Windows Vista. These kernel-mode drivers must contain users who are not administrators and cannot install unsigned drivers in any mode. All drivers for devices that stream content must also be signed. Its also worth noting that Microsofts plans for this process make some exceptions to make life a little easier for developers. For the prerelease period of Vista, at least until Release Candidate 1, there will be a configuration setting developers can use to bypass the requirement, but this will be removed in the release version of Vista. It also will be possible to create a special boot menu option for running the system without the kernel-mode signature requirement, but this choice will not persist to the next system boot. Would the requirements make open-source development impractical, or even impossible? Clearly, it would make open-source development more difficult, depending on how you approach the issue. I dont think this is Microsofts goal, but I dont think it bothers them all that much either. Its not clear how much open-source development is done with kernel-mode Windows, so the argument may be theoretical. But, clearly, all developers would need their own VeriSign certificate or access to someone elses. I havent got a clear answer on it, but I think it should be possible for an organization willing to put up the money to give liberal access of their certificate to others. Perhaps VeriSign frowns on such behavior; Im not sure what it does about it. But perhaps the central philosophical objective of the GPL is that users of programs should have the freedom to modify those programs to their needs and taste, and clearly Microsofts objectives for the Windows kernel conform to a different philosophy. Kernel-mode Windows development is already a difficult and very specialized business. Not every schmo with Visual Basic can do it, and those who do it well are fairly rare. In the end, Microsofts new rules are an attempt to keep the unserious and malicious among us out of the kernel, and if theres some collateral damage, Im sure the company sees it as worthwhile to keep dirty, unaccountable code out of the Windows kernel. Its a reasonable objective. Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
More from Larry Seltzer
For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.