Lars-Eric
Wed Jul 02 16:40:03 CDT 2003
Graham,
We have been using Verisign's Office code signing certificate for a couple
of yers now. We also use the normal code signing certificate from Verisign
for signing executables. It cost $400 US each per year. It's a bit of a
procedure when you buy it for the first time as it's a Class 3 certificate.
That means they have to ensure they issue the certificate to the company you
claim you work for. So they will make a phone call to a public phone number
that is registred on your company and one of your bosses has to verify the
order. You can order the certificate from Verisign's site
http://www.verisign.com/products/signing/code/
Then when you sign the macro projects you will need to timestamp the
signing, otherwise your signing will not be accepted after the certificate
has expired. Verisign has a timestamping service that Office will
automatically connect to that service if you put the URL, to the service, in
the registry. It's an industry standard that soft class 3 code signing
certificates are valid no more than one year. If you buy the certificate
from another issuer (Certificate Authority) you must make shure their root
certificate is one of those installed by a normal Windows installation.
Verisign's root certificates are for sure sure on every Windows machine.
Regards,
Lars-Eric
"Graham Dingley" <gd1@gbsystems.co.uk> skrev i meddelandet
news:087901c3408a$6f38be00$a501280a@phx.gbl...
> I write simple Word Macros for customers to attach to
> templates these are called when the template is opened and
> a new document is created using mail-merge etc. All of
> this works fine if I set the security to LOW. I have
> tried to follow through MicroSoft how to obtain a digital
> signature but get totally confused. Where can I get a
> Digital signature and allow my customers to run the
> security at high. I am based in the UK.
>
> Thanks in advance for any help.
>
> Graham