开发者

Why is my .Net app contacting Verisign?

问答 作者:

I wrote a .Net application that has nothing to do with network communication. There is开发者_Go百科 not a single line of code in the whole application that uses the NIC, but my firewall has caught it trying to contact Verisign for some reason when the app starts. This does not happen regularly; as a matter of fact, it has only happened twice.

The last time it happened, I was able to launch Wireshark before telling my firewall to allow access to the network. There was no real data transfer that I can tell. It only captured 9 TCP packets: some SYN packets, some SYN/ACK, and some RST packets (The RST packets were broken). I would suspect one of my third-party dlls, but I don't see why a math library or an image manipulation library would try to establish a connection with Verisign and then do nothing with that connection.

My clients are in organizations with tight security; the last thing I want is a phone call asking why my application is connecting to the Internet.

Does anyone know why this is happening? Is there a way to prevent it from happening?

The .pcap file that Wireshark generated is here.

Here's a good link a blog explaining what's happening, and the changes to your application config file you can add to stop it from happening, specifically:

<configuration>
   <runtime>
       <generatePublisherEvidence enabled="false"/>
   </runtime>
</configuration>

It's related to authenticode signing, and the PublisherMembershipCondition which you almost definitely don't need. That's explained here on MSDN

A thing to note is that .Net 2.0 and .Net 3.0 only added support for this config setting with SP1. .Net 3.5 supports this without any service pack.

If you sign your assembly with a real certificate, the .net runtime has to check the digital signature.

If it's a web app with SSL, it could be IE trying to verify that the certificate hasn't been revoked.

Are any of the 3rd party DLLs signed with Authenticode?

Are these paid third party dlls which are possibly doing some sort of usage authentication?

继续阅读:.netnetworkingstartupunauthorizedverisign

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9