It is a Sign of the Times

Short-lived code signing certificates can save your bacon in several ways

Chant uses Microsoft Trusted Signing certificates that are renewed daily and are valid for only 72 hours. In these short-lived certificates, revocation actions can be as acute as a single day or as broad as needed to cover any incidents of misuse and abuse.

One advantage of short-lived certificates is that if a problem is detected such as malware with a signed file, the revocation actions can be isolated to revoking only the certificate that signed the file. The revocation affects only the files signed by using that certificate on the day that it was issued. The revocation does not apply to any code that was signed before that day or after that day.

For details about the advantages of short-lived certificates, read more in Knowledge Base article H032508.

As Dave Coverly illustrates in Speech Bump, catching and revoking bad files can avoid unintended consequences.

Want to know more about code signing and how it can benefit your apps? Contact us with the best way to reach you to discuss your options.

If you are ready to update your apps to speak and listen with the latest technology, download and try the latest releases. Let us know your thoughts, if you need assistance, or have questions. We can provide turnkey apps if you no longer want to build them yourself.