Microsoft Office 2003 uses Microsoft Authenticode technology to enable you to digitally sign (digital signature: An electronic, encryption-based, secure stamp of authentication on a macro or document. This signature confirms that the macro or document originated from the signer and has not been altered.) a file or a macro project (macro project: A collection of components, including forms, code, and class modules, that make up a macro. Macro projects created in Microsoft Visual Basic for Applications can be included in add-ins and in most Microsoft Office programs.) by using a digital certificate (digital certificate: Attachment for a file, macro project, or e-mail message that vouches for authenticity, provides secure encryption, or supplies a verifiable signature. To digitally sign macro projects, you must install a digital certificate.). The certificate used to create this signature confirms that the macro or document originated from the signer, and the signature confirms that it has not been altered. When you set the macro security level, you can run macros based on whether they are digitally signed by a developer on your list of trusted sources.
Where to get the digital certificates
You can obtain a digital certificate from a commercial certification from Office Marketplace - Digital Signing, or from your internal security administrator or Information Technology (IT) professional. Or, you can create your own digital certificate.
Note Because a digital certificate you create yourself isn't issued by a formal certification authority, macro projects signed by using such a certificate are referred to as self-signed projects. Certificates you create yourself are considered unauthenticated and will generate a warning in the Security Warning box if the security level is set to High or Medium. Microsoft Office will only trust a self-signed certificate on a computer that has the private key for that certificate available (generally only the computer that actually created the certificate, unless the private key is shared with other computers).
Commercial certification authorities
To obtain a digital certificate from a commercial certification authority, such as VeriSign, Inc., you or your organization must submit an application to that authority.
Depending on your status as a developer, you should apply for a Class 2 or Class 3 digital certificate for software publishers:
- A Class 2 digital certificate is designed for people who publish software as individuals. This class of digital certificate provides assurance as to the identity of the individual publisher.
- A Class 3 digital certificate is designed for companies and other organizations that publish software. This class of digital certificate provides greater assurance about the identity of the publishing organization. Class 3 digital certificates are designed to represent the level of assurance provided today by retail channels for software. An applicant for a Class 3 digital certificate must also meet a minimum financial stability level based on ratings from Dun & Bradstreet Financial Services.
When you receive your digital certificate, you are given instructions on how to install it on the computer you use to sign your Microsoft Office solutions.
Internal certification authorities
Some organizations and corporations might have a security administrator or group act as their own certification authority and produce or distribute digital certificates by using tools such as Microsoft Certificate Server. Microsoft Certificate Server can function as a stand-alone certification authority or as part of an existing certification authority hierarchy. Depending on how Microsoft Office digital-signature features are used in your organization, you might be able to sign macro projects by using a digital certificate from your organization's internal certification authority. Or you might need to have an administrator sign macro projects for you by using an approved certificate. For information about your organization's policy, contact your network administrator or IT department.
Signing your own files and macro projects
After you have installed your digital certificate, you can sign files and macro projects.
When you digitally sign a file, you certify that the information in the file is valid and that it has not been modified since the file was signed. As long as a file is unchanged, reviewers can attach signatures to it. You might use a digital signature with important files. When you digitally sign a macro project, your digital signature says that you guarantee that the project is safe. Just as signed files remain signed until the file is modified, signed macro projects remain signed until the macro code is altered.
Cool things you can do with Office 2010
If you purchase, install, and activate a qualifying Microsoft Office 2007 product between March 5, 2010, and September 30, 2010, you could be eligible to download Office 2010 at no additional cost.