Originally Posted by scaesare
However, you must sign with a cert from a trusted CA. There is of course some barrier to entry($$$) for this. Most end-users (the context of this discussion) won't be able to take a pre-exisiting unsigned binary driver "sign it themselves".[/url]
No one said end-users are going to sign drivers (democoder is a developer, not an end-user). As a matter of fact, they must not. The owner of the driver must do it. And â€œmostâ€ of those driver owners are not end-users and 99.99% of them in commercial business, supporting hardware which was not free.
Again, end-users can run with unsigned drivers in Vista-32. And applications, if they think our requirements are too onerous, can simply not call the API to find out if anything is unsigned. But if a kernel driver becomes developed which steals the bits left and right out of the app, and their only recourse is to get their player revoked, and make the user unhappy or check and not play if the rouge kernel driver is there, I know which one they may choose. For themselves or their customerâ€™s sake.
And someone writing a driver and sending it out unsigned, can choose whether the above impacts the level of distribution/usage of their app, to merit the paperwork to get the cert.
Remember that forgetting about this situation, badly written drivers are the #1 reason systems crash. An app does not bring the system down with it. A driver can. This is why in 64-bit servers we definitely require it. But in 32-bit, we look the other way. But it is a painful situation. Ideally, all drivers are not only signed, but fully tested and certified. But we get complaints like yours in principal, because people want to be in a hurry to put out untested drivers, so we donâ€™t force it.
But as an end-user, this is not a good thing. Trust me, I have 20+ years of OS development experience and nothing scares me more than when an unsigned driver pops up, and the user happily says, â€œyes, go ahead and install.â€ It is like letting a stranger walk into your house for dinner and you pulling a chair for him, without asking him his name!
But we digress. Letâ€™s follow up in another thread if you like as this topic, the few times it has come up, becomes argumentative in a hurry :).