On Friday, 4 November 2022 at 14:14:43 UTC, Guillaume Piolat
wrote:
One could perhaps use a self-signed certificate that will allow
to reuse that Authenticode reputation, I'm not sure.
Now, to be very clear: there is a chance that even a non-CA
certificate would accumulate trust, since according to MS:
Application reputation for unsigned software is based on
fingerprints while publisher reputation is based on signed
software associated with a code signing certificate.
It's not entirely clear that you absolutely require a real
trustedd CA to get that reputation.
