Thanks for bearing with me. I believe I understand it all now.
Thanks, -Mont On Dec 7, 2007 3:43 PM, Adam Sills <[EMAIL PROTECTED]> wrote: > Yes. You're talking about this warning dialog: > > http://files.surrealization.com/adam/SecurityWarning.jpg > > This is caused by an alternate data stream in your NTFS file that gets put > there by Explorer and Internet Explorer when downloading executable files > from the internet zone. It has nothing to do with being unsigned. Note > that > my example above is a signed executable and shows the signer. To see it on > your files, download from the internet, view Properties on your file and > there will be an "Unblock" button on the General tab. > > > http://www.google.com/search?q=alternate+data+stream+unblock&rls=com.microso > ft:*&ie=UTF-8&oe=UTF-8&startIndex=&startPage=1 > > There is no way around this security warning when downloading through > explorer and IE, so get used to it. The only thing you can do is to > increase > your customer trust in your software by signing it so your name appears in > that box (like my example above). > > To sign your file, you need a verifiable code signing certificate and use > the signtool.exe ("signtool.exe signwizard" from an SDK command prompt) > tool > to sign your file(s). It can also be used from the command prompt (if I > remember correctly, I don't sign any of my programs :)). > > Adam.. > > -----Original Message----- > From: Discussion of advanced .NET topics. > [mailto:[EMAIL PROTECTED] On Behalf Of Mont Rothstein > Sent: Friday, December 07, 2007 4:50 PM > To: ADVANCED-DOTNET@DISCUSS.DEVELOP.COM > Subject: Re: [ADVANCED-DOTNET] Unknown publisher and downloads > > Just so I'm clear, are you saying that it is because it is downloaded that > it gives an "Unknown Publihser" warning? Or are we talking about > different > warning? > > The dialog says: > > (title) Open File - Security Warning > The publisher could not be verified. Are you sure you want to run this > software? > > Name: (the .msi file name) > Publisher: Unknown Publisher (in bold) > Type: Windows Installer Package > From: (path where the file is) > > > Assuming that we are talking about the same thing then I presume you mean > signing our files as something separate from the "Signing" tab in a VS > project's preferences. Would you mind pointing me to where I can get more > info on the signing you are referring to (this is not a ClickOnce app). > > Thanks for the help, > -Mont > > On Dec 7, 2007 2:22 PM, Adam Sills <[EMAIL PROTECTED]> wrote: > > > The warning isn't about an unknown publisher, it's about the file came > > from > > an untrusted source. > > > > I'm pretty sure this behavior was new to XP SP2. Download any > potentially > > executable file from the internet zone and it gets marked with an > > alternate > > data stream in NTFS indicating it is untrusted and requiring user > > approval. > > Right-click your file, go to properties and right on the first tab > > (General) > > click the "Unblock" button. > > > > If you sign your files, the user will be presented with your name > instead > > of > > "Unknown Publisher" and they can increase their trust level of your > > download. > > > > Adam.. > > > > -----Original Message----- > > From: Discussion of advanced .NET topics. > > [mailto:[EMAIL PROTECTED] On Behalf Of Mont Rothstein > > Sent: Friday, December 07, 2007 3:56 PM > > To: ADVANCED-DOTNET@DISCUSS.DEVELOP.COM > > Subject: [ADVANCED-DOTNET] Unknown publisher and downloads > > > > I'm not sure if this is the correct places to ask this but I can't seem > to > > find a more appropriate venue. > > > > We have an application that we sign with a strong name. > > > > We are using a Setup project to build the installer. > > > > If I double click the .msi on my machine, or copy it over the network to > a > > different computer and run it, then it works fine. No warning about > > Unknown > > Publisher appears. > > > > However if I copy the file to our ftp server and download via ftp or > http > > then when the file is double clicked an Unknown Publisher warning is > > presented. > > > > If the file is compressed, copied up, downloaded, and then uncompressed > > the > > same error occurs. > > > > I can't figure out what I need to do so that this Unknown Publisher > > warning > > will not appear when customers download our app from our website. > > > > Any help is appreciated. > > > > =================================== > > This list is hosted by DevelopMentor(R) http://www.develop.com > > > > View archives and manage your subscription(s) at > > http://discuss.develop.com > > > > =================================== > This list is hosted by DevelopMentorR http://www.develop.com > > View archives and manage your subscription(s) at > http://discuss.develop.com > > =================================== > This list is hosted by DevelopMentor(R) http://www.develop.com > > View archives and manage your subscription(s) at > http://discuss.develop.com > =================================== This list is hosted by DevelopMentorĀ® http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com
