Blog Post

Security, Compliance, and Identity Blog
2 MIN READ

Trusted Signing is now open for individual developers to sign up in Public Preview!

MehaSharma_MSFT's avatar
Nov 04, 2024

Trusted Signing addresses the signing issues faced by individual developers by providing a comprehensive and affordable solution. It ensures the authenticity and integrity of code through a modern identity validation process, which is crucial for securing code signing certificates.  

 

One of the key advantages of Trusted Signing is its cost-effectiveness. Trusted Signing offers two pricing tiers, starting at $9.99/month: Basic and Premium. Both tiers are designed to provide optimal cost efficiency and cater to various signing needs. The costs for identity validation, certificate lifecycle management, and signing are all included in a single offering, ensuring accessibility and predictable expenses. This eliminates the need for individual developers to invest in additional infrastructure and operations required to manage and store private keys securely. 

 

Trusted Signing Identity Validation Process 

Trusted Signing leverages Microsoft Entra Verified ID (VID) for performing Identity Validation for individual developers. This ensures that developers get VID that lives on the Authenticator app.  The verification process typically involves the following steps: 

  1. Submission of Government-Issued Photo ID: The first requirement is to provide a legible copy of a currently valid government-issued photo ID. This document must include the same name and address as on the certificate order.
  2. Biometric/selfie check: Along with the photo ID, applicants need to submit a selfie. This step ensures that the person in the ID matches the individual applying for the certificate. 
  3. Additional Verification Steps: If the address is missing on the government issued ID card, then additional documents will be required to verify the address of the applicant. 
  4. Got an existing VID? Make sure it meets the onboarding criteria for your desired service, and you can effortlessly reuse it across multiple services! 

 This is how a successfully procured VID would appear in Azure portal. 

 

 

Best Practices for a Smooth Validation Process 

To ensure a smooth and successful identity validation process, individual developers should adhere to the following best practices: 

  • Accurate Documentation: Ensure that all submitted documents are accurate and up to date. 
  • Stay Informed: Keep abreast of any changes in the validation requirements or processes. 

 

Conclusion 

Identity validation is a critical step for individual developers seeking code signing certificates. By understanding the process, preparing in advance, and following best practices, developers can successfully navigate the validation process and secure their code signing certificates. The plan is to extend the same level of robust identity validation process to make Trusted Signing available for organizations incorporated less than 3 years ago.  

 

Try out Trusted Signing today by visiting the Azure portal.

Updated Oct 29, 2024
Version 1.0
  • Deepesh's avatar
    Deepesh
    Copper Contributor

    Does not work, tried my PAN card, Passport and US VISA but always fail without giving any reason. Just - something went wrong.

      • Deepesh1's avatar
        Deepesh1
        Copper Contributor

        It's a common issue for everyone, it errors out. See - https://github.com/Azure/trusted-signing-action/issues/42#issuecomment-2464205748

    • alexfr26's avatar
      alexfr26
      Copper Contributor

      Have you managed to solve your problem? I’m facing the same issue while trying to validate my identity with an ID card. It reads the document from both sides successfully, and I take a selfie, but during next step (validation processing), I get an error with no details. The “Get Support” button just redirects to the Microsoft page.

       

      • MehaSharma_MSFT's avatar
        MehaSharma_MSFT
        Icon for Microsoft rankMicrosoft

        Some folks are hitting a bug during the process and we are actively working on resolving the issue.

    • jasont2's avatar
      jasont2
      Copper Contributor

      It did not work with my US Passport, but did work with my Texas Driver's License (go figure)

  • jasont2's avatar
    jasont2
    Copper Contributor

    Hi, I actually got my identity validated and a created a certificate profile, but not clear on how to get a certificate issued using it.  In Key Store / Certificates, I am not seeing how to associate a Trusted Signing Account with a certificate.  Any documentation for this?  Is this just a matter of putting the Subject name in the Certificate profile in as the Certificate subject?

    • MehaSharma_MSFT's avatar
      MehaSharma_MSFT
      Icon for Microsoft rankMicrosoft

      https://learn.microsoft.com/en-us/azure/trusted-signing/how-to-signing-integrations