No hardware or OS vendor in a major system I would be irresponsible enough to use the processes used by companies like Adobe to protect Authenticode code signing keys.
That's only partially true, but even if we accept it for discussion, they still just grab those blobs from the build infra, right?
-
-
At Microsoft, for example, a quorum of people authorized as signer in the organization that kicked off the build must approve the signing. Only a limited set of people can merge into master, and a much smaller subset approve signing with prod keys.
-
You would not, for example, get those in the defined quorum to approve a package to be signed with prod keys if no release was scheduled/planned. Things like bootloaders for firmware are often done with manual processes and entirely offline.
- 5 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.