[wdmaudiodev] Re: How to sign up with MS with the Win10 driver no charge "attestment" option

  • From: Tim Roberts <timr@xxxxxxxxx>
  • To: "wdmaudiodev@xxxxxxxxxxxxx" <wdmaudiodev@xxxxxxxxxxxxx>
  • Date: Mon, 26 Oct 2015 11:53:08 -0700

Paul Titchener wrote:

Tim, to be candid I know just enough about these certs to be
dangerous, but here’s my understanding of this cert.

Its an EV cert we got recently from DigiCert, one of MS’s recommended
2 suppliers for driver certs on the MS drivers dev site.

You have an SHA2 (SHA256) certificate.


We used it to both sign up with MS’s driver’s approval site and also
to submit our driver package which they accepted so it passed their tests.

The reason I’m calling it an SHA1 cert is when you use the File
Explorer and do a Properties->Digital Signatures on it, under the
heading “Digest Algorithm” it lists SHA1.

If I understand correctly, that's referring to the algorithm that was
used to come up with a checksum when you signed the file. That is, this
refers to the act of signing this one file, not the certificate that was
used to protect the signature.


But if you then click Details->Advanced, in the page that comes up its
lists SHA1 again for Digest Algorithm but in the field labeled Issurer
it states:

DigiCert EV Code Signing CA (SHA2) ...

So perhaps this Issuer field that does contain a SHA2 description is
the one I should be referring to when describing this cert, is that
correct?

Yes. If you go into View Certificate and look at Details, you'll see
"Signature algorithm" is "sha256RSA".

--
Tim Roberts, timr@xxxxxxxxx
Providenza & Boekelheide, Inc.

Other related posts: