Microsoft KB Archive/224404

= Windows 2000 Code Signing: Digitally Signed Drivers =

Article ID: 224404

Article Last Modified on 2/23/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition
 * Microsoft Windows 2000 Datacenter Server

-



This article was previously published under Q224404



SUMMARY
In order to assure users that they are using the highest-quality drivers, Microsoft will digitally sign drivers that pass the Windows Hardware Quality Lab (WHQL) tests. Drivers submitted to WHQL that pass testing with the final released Windows 2000 products will be given a Microsoft digital signature. This digital signature will be associated with individual driver packages and will be recognized natively by Windows 2000 systems. Devices covered include:
 * Video adapter


 * Keyboard


 * HDC


 * Multimedia device


 * Monitor


 * Modem


 * Mouse


 * Network adapter


 * Printer


 * SCSI adapter


 * Smart card reader



MORE INFORMATION
Windows 2000 systems will support the ability to either warn or entirely block users from installing unsigned code. If a file has not been digitally signed and resides in the above-referenced classes, users will be notified that a file has not been digitally signed, and prompted whether they would like to continue.

Driver signing uses the existing digital-signature cryptographic technology. A hash of the driver binary and relevant information is stored in a catalog file (CAT file), and the CAT file is signed with the Microsoft signature. The driver binary itself is not touched; only a CAT file is created for each driver package. The relationship between the driver package and its CAT file is referenced in the driver's INF file and maintained by the system after the driver is installed.

Keywords: kbenv kbinfo KB224404

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.