Advisories - Code Signing Intermediate CA 2001 Replacement Advisory from VeriSign, Inc.
VeriSign, Inc. Logo
   
dots
people
Products & Services spacer Solutions spacer Support spacer About VeriSign Existing Customer Login
You Are Here: United States Home > Support > Advisories > Code Signing Intermediate CA 2001 Replacement Advisory

Advisories

Code Signing Intermediate CA 2001 Replacement Advisory

Issue: Code Signing Intermediate CA 2001 Replacement. On or about October 5, 2004, VeriSign will replace its current intermediate Code Signing CA 2001 that expires on 12/02/2011 with a new intermediate Code Signing CA 2004 that expires 07/15/2009. The new intermediate Certification Authority (CA) is issued by the same Primary Certificate Authority 3 (PCA-3) root certificate as the current code signing intermediate CA. 
 
After this date, all code signing certificates will be issued from the new intermediate CA. No action is required by Code Signing Customers – this message is only to inform you of the change in the issuer CA of VeriSign code signing certificates.  
 
Why we are doing this  
VeriSign periodically replaces CAs in order to apply the best PKI practices for our customers.  
 
What this means to you  
This rollover is expected to be transparent to all code signing customers. Developers using code signing certificates issued by the new intermediate CA can continue using the same signing tools and processes. This change is transparent because the new Code Signing CA 2004 chains up to the same PCA-3 root CA which issued the current Code Signing CA 2001.  
 
What this means to your customers or end users  
End users who are downloading and/or running properly signed code will not experience any change in behavior during download or run time.  
 
Recommended Practice  
VeriSign recommends the use of its Primary Certificate Authority Roots (available at http://www.verisign.com/support/roots.html ) as root certificates. VeriSign does not warrant the use of Intermediate CAs as root certificates and recommends that intermediate CAs not be embedded into applications and/or platforms as root certificates.  
 
If you are using the intermediate CA 2001 that expires on 12/02/2011 as a root certificate for certificate chaining, please note that your applications or platforms that have an Intermediate CA embedded as a root certificate may not operate as designed after the Intermediate CA has been re-keyed.
Contact Us
Contact Support >>
spacer Worldwide Sites | Legal Notices | Privacy | Repository | Contact Us | ©1995-2005 VeriSign, Inc. All Rights Reserved


spacer