Page 1 of 5 123 ... LastLast
Results 1 to 10 of 44

Thread: Information about Comodo Code-Signing

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1

    Default Information about Comodo Code-Signing

    I don't know if this pertains to most customers, but it would have
    been useful to have this information about individual orders on the
    order page.

    The non-EV certificates can be purchased as an individual (e.g., not a
    company). This requires a different validation method, which entails
    having a notarized "face to face verification"
    https://support.comodo.com/index.php...ification-form

    If you want an EV certificate, the individual option is not possible.

    I'm having a frustrating time, trying to get my Dun and Bradstreet
    record to become available "globally". It's been weeks now. So now I'm
    going to try a personal order.

    Comodo uses https://www.upik.de/en/ to look up the record. I have been
    checking it every day, and their captcha is frustrating as heck (find
    the cars, find the store front, find the traffic lights). If your
    record isn't there, you are SOL. It doesn't matter if you can
    successfully look it up on dnb.com.


    Jeff Slarve
    www.jssoftware.com

    Ones and Zeros are my Heroes

  2. #2

    Default Re: Information about Comodo Code-Signing

    Also, does the Non-EV certificate really support kernal-mode signing?

    This page seems to specify that an EV certificate is required for
    that.

    https://docs.microsoft.com/en-us/win...sta-and-later-

    Jeff Slarve
    www.jssoftware.com

    Ones and Zeros are my Heroes

  3. #3

    Default Re: Information about Comodo Code-Signing

    Hi Jeff,

    > Also, does the Non-EV certificate really support kernal-mode signing?
    >
    > This page seems to specify that an EV certificate is required for
    > that.

    this is from their "previous" website (see attached screenshot).

    Friedrich
    Attached Images Attached Images  

  4. #4

    Default Re: Information about Comodo Code-Signing

    Jeff,

    > I don't know if this pertains to most customers, but it would have
    > been useful to have this information about individual orders on the
    > order page.

    Thank you for your suggestion! Information added.

    http://www.lindersoft.com/order_codesigning.htm

    Friedrich

  5. #5

    Default Re: Information about Comodo Code-Signing

    On your website its got:
    Note 1: since the private key is stored on the hardware token, for
    security it cannot be copied or exported to create a PFX file

    Does this means its being stored in the Intel CPU's like this?
    https://www.intel.com/content/www/us...-security.html

    Do you know if it only works with Intel CPU's or are AMD cpu's
    supported and do you know if removing the Intel Management Engine which
    some consider to be a HW backdoor would bugger up this hardware token
    storage?

    With the github code released about removing the Intel Management
    Engine I have not see anything talking about it affecting certs that
    might be stored on the cpu but that could be for a number of reasons
    including not realising the certs are stored in this part of the CPU,
    or it could just be malicious code designed to tank a cpu which isnt
    cheap.<g>
    https://github.com/corna/me_cleaner
    https://gist.github.com/CHEF-KOCH/af...09497d136996df
    https://github.com/bartblaze/Disable-Intel-AMT

    --
    Richard
    --
    Richard

  6. #6

    Default Re: Information about Comodo Code-Signing

    Richard,

    I think there is no Intel CPU involved. The E-Token is some kind of secure
    USB flash drive.

    Friedrich

  7. #7

    Default Re: Information about Comodo Code-Signing

    This is all I can really find about eToken.
    https://en.wikipedia.org/wiki/Aladdi...ity_management

    https://safenet.gemalto.com/multi-fa...p/etoken-pass/

    So it appears that only the comodo EV certs are stored on these etoken
    dongles, the std certs are not.
    https://support.comodo.com/index.php...g-certificates

    I wonder how these etoken dongles work, ie do they use the USB bus
    still which can be sniffed using Portmon to capture serial data or
    https://desowin.org/usbpcap/ to capture raw usb data.

    It might be fun to see what secrets can be given up with these etoken
    dongles.<g>

    --
    Richard
    --
    Richard

  8. #8

    Default Re: Information about Comodo Code-Signing

    Hi Friedrich -

    Not to make more work for you, but:

    1. I would remove this from "Note 2" under EV, as it is misplaced: 'It
    requires a different validation method, which entails having a
    notarized "face to face verification"'.

    2. Under the "Standard", I would put this note: 'Note: Individuals are
    able to purchase standard code signing certificates, but it entails
    the use of a different validation method than done for companies. See
    <a
    href="https://support.comodo.com/index.php?/Knowledgebase/Article/View/903/0/face-to-face-verification-form">here.</a>.

    Jeff Slarve
    www.jssoftware.com

    Ones and Zeros are my Heroes

  9. #9

    Default Re: Information about Comodo Code-Signing

    Hi Jeff,

    I agree. Changed! Thank you :-)

    Friedrich

  10. #10

    Default Re: Information about Comodo Code-Signing

    > The non-EV certificates can be purchased as an individual (e.g., not a
    > company). This requires a different validation method, which entails
    > having a notarized "face to face verification"
    > https://support.comodo.com/index.php...ification-form
    >
    > If you want an EV certificate, the individual option is not possible.


    I notice that in the declaration in the document linked above, it says in part..
    "Declaration Made by Applicant According to Comodo's _Extended Validation_ Certificate Requirements"

    So that sounds like it is _for_ EV certs...

    I am also wondering if this works outside the US, especially wrt "Confirming Persons"?

    Has anyone any knowledge or experience...?

    Thanks.


    John Newman
    Software Partners Australia
    C11

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •