Home Library Learn Samples Downloads Support Community Forums
Microsoft Developer Network >
Digital Signature

Answered Digital Signature

  • Monday, April 16, 2012 7:14 PM
     
     
    Sign In to Vote
    0

    We have tried the following

    Application A -> Create a thing and signed with the valid certificate

    Application B -> retrieve the thing by using a filter(assume application b developer forgot to specify the signature filter)

    Application B -> update the thing

    No exception is thrown, and the signature is gone.

    If application B can easily override the signature, I don't see what is the point of digital sign the thing since there is no strict enforcement.  

     

All Replies

  • Monday, April 16, 2012 11:21 PM
    Owner
     
     Answered
    Sign In to Vote
    1

    Hi,

    Signatures guarantee Thing integrity.  If the signature is valid, the Thing has not been tampered with or altered.  Updating a Thing alters it thereby invalidating the signature.  The signature cannot be preserved in this case.

    --Rob

    • Marked As Answer by g7steve Wednesday, April 18, 2012 7:35 PM
    •  
     
  • Sunday, June 10, 2012 3:52 PM
     
     Proposed
    Sign In to Vote
    0
    Thank's !
    • Proposed As Answer by vietnamnew Sunday, June 10, 2012 3:53 PM
    •  
     
© 2013 Microsoft. All rights reserved.