I've been assigned the task of buying a digital certificate for my company to sign our code. We develop applications in the Microsoft space - mostly WPF or Web Based.
I've investigated options and found Comodo to be well priced and responsive, and we're ready to go ahead and purchase a cert through them. However, in the signup form there are various private key options that I'm not too sure about, namely:
CSP
Key Size
Exportable?
User Protected?
Just wondering what all of this means, and what the best options are for our requirements? Any advice/suggestions would be appreciated.
Thanks heaps, Greg
For "most purposes" the following options are recommended:
To be honest, I'm not familiar with the different CSPs, but the Base does the job every time for me.
Key Size makes the keys harder to crack, but more than 2048 bits for a short to medium term key (3-5 years) is ample (IMHO).
Exportable lets you export the private key/certificate pair - essential for backing it up!
User Protected means that you must enter a password every time that you want to use the cert - highly recommended to prevent accidental or malicious signing of code with your certificate.
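
Once the certificate is installed, the four options from the signup form can be read back from the certificate store to confirm what was actually chosen. The script below is an added example, not part of the original answer; it assumes Windows PowerShell 5.1, the current user's personal store, and an RSA key held in a legacy CryptoAPI CSP, and the `$minKeySize` threshold and the wording of the notes are illustrative choices based on the answer above.

```powershell
# Added example: read back CSP, key size, exportable and user-protected
# settings for every code-signing certificate in the current user's store.
# Assumption: Windows PowerShell 5.1 and keys stored in a CryptoAPI CSP.
$minKeySize = 2048   # size the answer above treats as ample for 3-5 years

$report = Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert | ForEach-Object {
    $cert = $_
    $row = [ordered]@{
        Subject       = $cert.Subject
        Expires       = $cert.NotAfter
        CSP           = $null
        KeySize       = $null
        Exportable    = $null
        UserProtected = $null
        Notes         = @()
    }
    if (-not $cert.HasPrivateKey) {
        $row.Notes += 'no private key on this machine'
    } else {
        try {
            $key = $cert.PrivateKey
            if ($key -is [System.Security.Cryptography.RSACryptoServiceProvider]) {
                $info = $key.CspKeyContainerInfo
                $row.CSP           = $info.ProviderName
                $row.KeySize       = $key.KeySize
                $row.Exportable    = $info.Exportable
                $row.UserProtected = $info.Protected
                if ($key.KeySize -lt $minKeySize) {
                    $row.Notes += "key shorter than $minKeySize bits"
                }
                if (-not $info.Exportable) {
                    $row.Notes += 'not exportable: cannot be backed up from this store'
                }
                if (-not $info.Protected) {
                    $row.Notes += 'not user protected: signing needs no password prompt'
                }
            } else {
                $row.Notes += 'private key is not an RSA CryptoAPI key'
            }
        } catch {
            # .NET Framework raises here for keys it cannot open as a CSP key
            $row.Notes += 'key not readable through CryptoAPI (CNG or hardware key?)'
        }
    }
    $row.Notes = $row.Notes -join '; '
    [pscustomobject]$row
}
$report | Format-List
```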