What about timestamping?
Since key pairs are based on mathematical relationships that can be cracked with a great deal |
of time and effort, it is a well-established security principle that digital certificates should expire.
Your Digital ID will expire on its expiry date. However, most software is intended to have a lifetime
of longer than one year.
To avoid having to resign software every time your certificate expires, a timestamping service is introduced.
Now, when you sign code, a hash of your code will be sent to Certification authority to be timestamped.
This means that you will not need to worry about resigning code when your Digital ID expires.
Microsoft Authenticode allows you to timestamp your signed code so that signatures will not expire when your certificate does.