Digitally signed software in Windows Vista

Question: I have heard that Windows Vista will require that all installed software packages have a "digital signature." What does that mean, and what might this mean for open source software programs we currently use at many of our school campuses?

The IT Guy says:
In the context of computer software and operating systems, a digital signature is “a cryptographically based signature assurance scheme” used to verify the source and authenticity of available code prior to its installation on a computer.

On “Driver Signing Requirements for Windows” Microsoft has indicated that digital signatures may be required within Windows Vista, Microsoft's next-generation operating system set to replace Windows XP, where previously signatures were highly recommended but optional. Although it is too early to know for certain, these requirements could present significant obstacles for school districts currently using or wanting to use open source software solutions that do not have accompanying commercial digital signatures.

The idea of a digital signature is good: In theory, by using digitally signed software, users should increase the likelihood that software installed on their system will not contain malware and will function properly on their computer without interfering with other operating system or software functionality. Free software like The Gimp, however, is an example of highly-functional software whose installation may be prevented under a mandatory digital signature scheme. Hopefully Windows Vista will provide ways for network administrators to still authorize installations of desired open source software solutions like The Gimp. At this point, it seems too early to state with certainly if this will be a problem under Windows Vista or not.

Next Tip: Cross-Platform Desktop Videoconferencing

Tags