Code Signing Natlink #87

Open
LexiconCode opened this issue Feb 10, 2022 · 4 comments

LexiconCode commented Feb 10, 2022

Outside the user experience, code signing provides authenticity and integrity to the installer.

  • Authenticity: This tells the user (and the computer) where the software came from.
  • Integrity: Demonstrates that the code has not been modified. The digital signature does not just tell devices who signed the software, but what they signed. This allows a computer to know if the code has been changed at all since it was signed. This will also alert users to file corruption which may happen during downloading.

Cost:
Note! Different providers may only sign certain file types.

certum 1st time fee - Open Source Code Signing - set €69.00 / $78.94 US
Renewal - Open Source Code Signing €25.00 / $28.60 US

comodosslstore $212.49 US - 3/ $66.66 per year

Code Signing Process
Code Signing Walkthrough

Using SignTool with inno
Providing SignTool configuration in Inno Setup script

We may be able to set the certificate up for the dictation toolbox org instead of just natlink.

@LexiconCode LexiconCode self-assigned this Feb 10, 2022
@LexiconCode
Member Author

CodeSigner GUI
https://ehlertech.com/otherprograms/


dougransom commented Feb 15, 2022 via email

@quintijn
Contributor

It seems sensible to try this for the whole dictationtoolbox. The inno setup provides a setting, as one of Doug's links points to.

I wonder if the .pyd import, which Aaron (LexiconCode) hit upon, can also be "protected" by this signing process. #89

$25 a year should be affordable, especially if we ask for donations again after the python3 version is up and running.

@drmfinlay
Member

I agree with this idea. Windows currently flags the installer as untrusted. It would be nice if we could sign the next release of the installer. The .pyd file could probably be signed too, but it seems less important.
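
The installer and the .pyd discussed in this thread are both PE files, so an embedded Authenticode signature sits in the same place in each: the Certificate Table data directory. The following is an added example, not part of the thread and not Natlink project code; it reports whether a PE file carries that table and flags one cut short by a bad download. The names `certificate_table` and `build_sample` are hypothetical and the sample header is constructed for the demo.

```python
import struct

PKCS_SIGNED_DATA = 0x0002  # wCertificateType used by Authenticode (PKCS#7 SignedData)

def certificate_table(data: bytes):
    """Return (file_offset, size) of the PE Certificate Table, or None if unsigned."""
    try:
        if data[:2] != b"MZ":
            raise ValueError("not a PE file: no MZ header")
        (pe,) = struct.unpack_from("<I", data, 0x3C)         # e_lfanew
        if data[pe:pe + 4] != b"PE\0\0":
            raise ValueError("not a PE file: no PE signature")
        opt = pe + 24                                        # 4-byte signature + 20-byte COFF header
        (magic,) = struct.unpack_from("<H", data, opt)
        if magic not in (0x10B, 0x20B):
            raise ValueError("unknown optional header magic")
        dirs = opt + (96 if magic == 0x10B else 112)         # PE32 vs PE32+
        (count,) = struct.unpack_from("<I", data, dirs - 4)  # NumberOfRvaAndSizes
        if count <= 4:
            return None
        # Directory entry 4 holds a file offset (not an RVA) and a size.
        offset, size = struct.unpack_from("<II", data, dirs + 4 * 8)
        if offset == 0 or size == 0:
            return None
        if offset + size > len(data):
            raise ValueError("certificate table runs past end of file (truncated?)")
        _length, _rev, cert_type = struct.unpack_from("<IHH", data, offset)
    except struct.error as exc:
        raise ValueError(f"malformed PE header: {exc}") from None
    if cert_type != PKCS_SIGNED_DATA:
        raise ValueError("certificate entry is not PKCS#7 SignedData")
    return offset, size

def build_sample(signed: bool) -> bytes:
    """Constructed 64-bit PE header for the demo (not a loadable image)."""
    opt = bytearray(240)                                     # 112 + 16 directories * 8
    struct.pack_into("<H", opt, 0, 0x20B)                    # PE32+ magic
    struct.pack_into("<I", opt, 108, 16)                     # NumberOfRvaAndSizes
    image = bytearray(b"MZ" + bytes(58) + struct.pack("<I", 0x40) + b"PE\0\0"
                      + struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x2022) + opt)
    if signed:
        blob = bytes(16)                                     # placeholder, not a real signature
        struct.pack_into("<II", image, 0x58 + 112 + 32, len(image), 8 + len(blob))
        image += struct.pack("<IHH", 8 + len(blob), 0x0200, PKCS_SIGNED_DATA) + blob
    return bytes(image)

if __name__ == "__main__":
    for label, signed in (("unsigned", False), ("signed", True)):
        print(label, certificate_table(build_sample(signed)))
```

This reports presence only; validating the signature and its certificate chain is left to Windows, for example with `signtool verify /pa` or PowerShell's `Get-AuthenticodeSignature`.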
