Forum Discussion
Leigh_Marble
Jan 11, 2024Copper Contributor
Codesigning with ECC certificate (rather than RSA) - works with SmartScreen?
Hello, Newbie here at the MS tech community, hope I'm posting this in the right spot. I have a seemingly straightforward question that I haven't found an answer to yet: Does https://learn.mic...
sankut
Sep 24, 2024Copper Contributor
Hi,
Actually, the Microsoft SmartScreen does support ECC certificates, but they are not as common as RSA certificates. This means ECC-signed programs might take longer to be trusted by SmartScreen, which could cause warnings until enough reputation is built.
RSA certificates are still the preferred option for quicker trust and compatibility across platforms because they have been used for a long time. EV certificates (both RSA and ECC) are used to boost SmartScreen reputation right away, but now you need to submit your files to Microsoft for verification to skip warnings.
However, it is important to note that the choice of algorithm (RSA or ECC) does not directly impact how Microsoft SmartScreen filters your app. What matters is the reputation your software builds over time, not the type of certificate used for signing.
So, the EV code signing certificates are still the most secure and trusted. However, with an EV certificate, you may need to submit your files to Microsoft, especially for ECC certificates, to speed up trust-building.
Hope your answer is clear now.
Actually, the Microsoft SmartScreen does support ECC certificates, but they are not as common as RSA certificates. This means ECC-signed programs might take longer to be trusted by SmartScreen, which could cause warnings until enough reputation is built.
RSA certificates are still the preferred option for quicker trust and compatibility across platforms because they have been used for a long time. EV certificates (both RSA and ECC) are used to boost SmartScreen reputation right away, but now you need to submit your files to Microsoft for verification to skip warnings.
However, it is important to note that the choice of algorithm (RSA or ECC) does not directly impact how Microsoft SmartScreen filters your app. What matters is the reputation your software builds over time, not the type of certificate used for signing.
So, the EV code signing certificates are still the most secure and trusted. However, with an EV certificate, you may need to submit your files to Microsoft, especially for ECC certificates, to speed up trust-building.
Hope your answer is clear now.