signature of cis installer

JCE · May 11, 2010, 4:54pm

I’m just wondering why CIS installer is signed using certificate issued by Verisign. Why not Comodo’s one?

stormer · May 11, 2010, 6:39pm

Maybe Versign is more trustworthy and may look shady if Comodo used their own. ???

DiSP · May 11, 2010, 8:03pm

Nice find, and a pretty good question. maybe melih can say something about this.

DiSP · May 12, 2010, 11:37am

Still no answer for this.

knk2006 · May 12, 2010, 12:05pm

if you are pointing to the digital signature !! I have it signed by comodo ???
!

DiSP · May 12, 2010, 12:17pm

See my image.

[attachment deleted by admin]

DiSP · May 12, 2010, 12:19pm

More one, this one is showing the details of who gave the certificate (Emissor in the picture).

[attachment deleted by admin]

burebista · May 12, 2010, 12:25pm

I’m doomed too. ;D

[attachment deleted by admin]

knk2006 · May 12, 2010, 12:41pm

what we all care about is the security and those funny stuff are non of our ■■■■ buisness ;D

jeremysbost · May 12, 2010, 2:02pm

Yep. Do you all hate Verisign or something? (Kidding :P)

DiSP · May 12, 2010, 3:10pm

The question is why not use their own certificate. Why spend money on a certificate from verysign?

knk2006 · May 12, 2010, 5:01pm

I’m sure i didn’t put ( dang ) LoooooooooL at least replace it with something that has a meaning ;D

jeremysbost · May 13, 2010, 1:07am

It does make me curious, but I don’t think it is a high-priority question that needs answering.

DiSP · May 13, 2010, 11:50am

I agree with you but and explanation would be nice.

JCE · May 13, 2010, 6:12pm

Yes, I agree, this is not security related and therefore not high-priority question. But it makes me curious why Comodo (which is one of the leaders of digital certificates market) uses code signing certificate from its competitor Verisign. ??? It’s like BMW using Toyota engine in some of its models. Sounds strange, doesn’t it? So, just like DiSP said, an explanation would be nice.

jeremysbost · May 13, 2010, 6:29pm

I would be horrified if I got a BMW with a Toyota engine but not if I got a Comodo installer with a Verisign sig.

DiSP · May 13, 2010, 10:41pm

Nice point of view :D.
Well for now we only have to wait, I still have some doubts if someone will ever answer to this question but…

DiSP · May 16, 2010, 7:05pm

Seems that nobody wants to answers to this.
(I’m just ex peculating)

languy99 · May 16, 2010, 7:29pm

I have an idea why, I would assume it’s because they want to prove that their code is authentic. If comodo signed it themselves naysayers would say, how do we know the code is good if they signed it themselves? So to avoid this they went with another code signer to prove that the code is good.

DiSP · May 16, 2010, 8:39pm

Actually that is a pretty good tough, but for example comodo dragon browser actually is signed by comodo, the same for other products.