|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
does .NET connect to Internet to verify digitally signed assembly certificate?I am developing a winforms control which is strong-named and digitally
signed . My customers complain that the control connects to the Internet when it is loaded, but I am sure my code doesn't do that. So my question is whether the .NET runtime does that, probably to check whether the digital certificate is valid ? Thanks Windows, not .NET, will attempt to verify the CRL for an Authenticode-signed
assembly. (This has nothing to do with strong naming.) It is possible to disable this behaviour globally, but not for any single assembly. Since global disabling of the verification on a given machine is hardly unlikely to be desirable, you basically have no way to stop this behaviour as long as your assembly has an Authenticode signature. Show quoteHide quote "D.Z. Simpson" <d_z_simp***@yahoo.com> wrote in message news:OpV6gG9WFHA.2128@TK2MSFTNGP15.phx.gbl... >I am developing a winforms control which is strong-named and digitally >signed . My customers complain that the control connects to the Internet >when it is loaded, but I am sure my code doesn't do that. So my question is >whether the .NET runtime does that, probably to check whether the digital >certificate is valid ? > > Thanks > If the control is signed via authenticode, then it is likely the case that
your certificate is being checked for revocation against the published CRL location in the certificate. This is usually a web address, so that would probably explain it. Joe K. Show quoteHide quote "D.Z. Simpson" <d_z_simp***@yahoo.com> wrote in message news:OpV6gG9WFHA.2128@TK2MSFTNGP15.phx.gbl... >I am developing a winforms control which is strong-named and digitally >signed . My customers complain that the control connects to the Internet >when it is loaded, but I am sure my code doesn't do that. So my question is >whether the .NET runtime does that, probably to check whether the digital >certificate is valid ? > > Thanks > I see, thank you.
Show quoteHide quote "Joe Kaplan (MVP - ADSI)" <joseph.e.kap***@removethis.accenture.com> wrote in message news:eQgNOj9WFHA.584@TK2MSFTNGP15.phx.gbl... > If the control is signed via authenticode, then it is likely the case that > your certificate is being checked for revocation against the published CRL > location in the certificate. This is usually a web address, so that would > probably explain it. > > Joe K. > > "D.Z. Simpson" <d_z_simp***@yahoo.com> wrote in message > news:OpV6gG9WFHA.2128@TK2MSFTNGP15.phx.gbl... >>I am developing a winforms control which is strong-named and digitally >>signed . My customers complain that the control connects to the Internet >>when it is loaded, but I am sure my code doesn't do that. So my question >>is whether the .NET runtime does that, probably to check whether the >>digital certificate is valid ? >> >> Thanks >> > > 
Other interesting topics
RSA Encrypt/Decrypt Problems
User id of a running Windows form app Appliyng Security in assembly. A single page from an existing application under SSL? Security Exception due to Medium trust level Allow inheritable permissions form the parent to propagate... ASP.NET roles, authentication full trus and 1.1 SP1 Security - newbie Q authentication and access control (.NET socket connection) |
|||||||||||||||||||||||
