Quote from a Comodo-FAQ:
"Timestamping ensures that code will not expire when certificate expires. If your code is timestamped the digital signature is valid even though the certificate has expired. A new certificate is only necessary if you want to sign additional code. If you did not use the timestamping option during the signing, you must re-sign your code and re-send it out to your customers."
Not too much of an issue given how often we release currently, but as soon as the end of the certificate's lifetime nears it might become one.
(I stumbled upon this today for a signed, but not timestamped jnlp (Webstart) file).
From: firstname.lastname@example.org [mailto:email@example.com] On Behalf Of
Sent: Donnerstag, 22. Dezember 2011 14:30
Subject: [jitsi-dev] Re: [jitsi~svn:9228] Fixes a crash in the Microsoft
Outlook Contacts and Address Book integrat
I'm not familiar with this. What is the reason to timestamp the dll or
On Thu, Dec 22, 2011 at 3:26 PM, Bauersachs Ingo > <firstname.lastname@example.org> wrote:
> Thanks, Damian!
> Have you considered timestamping the signing process? The attached patch
should do the trick, but I don't have a cert-file at hand to test it.
>> -----Original Message-----
>> From: email@example.com [mailto:firstname.lastname@example.org] On Behalf Of
>> Damian Minkov
>> Sent: Mittwoch, 21. Dezember 2011 10:38
>> To: email@example.com
>> Subject: [jitsi-dev] Re: [jitsi~svn:9228] Fixes a crash in the Microsoft
>> Outlook Contacts and Address Book integrat
>> starting build 3842 dlls are now signed.
>> On Sun, Dec 18, 2011 at 10:57 PM, Lyubomir Marinov <firstname.lastname@example.org> wrote:
>>> Hi, Ingo! Nice to hear from you!
>>> 2011/12/18 Bauersachs Ingo <email@example.com>:
>>>> If I think back to our journey with the AV vendors: although the DLL is
>> currently not marked as malicious by any engine on VirusTotal, now that we
>> have a Code-Signing Certificate do you think it would make sense to sign
>> DLLs? I guess it would give some heuristic engines at least a hint in
>>> I don't know whether signing the DLLs will make a difference in that
>>> respect. Anyway, I remember Damian mentioned it to me a while back, I
>>> talked to Emil and he thought it was a good idea. So I guess we'll try
>>> it as soon as possible. Thank you very much for the note!
>>> Best regards,