[Owasp-leaders] Any OWASP Guidelines around Code Signing?
vaibhav.gupta at owasp.org
Mon Nov 16 17:32:58 UTC 2015
Is there any release/draft version of OWASP guidelines around code
signing/digital signing of executables?
Something like: What should be the signing process? Which hash algorithm to
use? What should be the min/max expiry? Should we use time-stamping? Any
blacklist algorithms? etc. ?
If we do not have any guideline in place, any suggestion around this would
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders