I'm the Co-Founder of Snapp (http://getsnapp.com), a tiny filesharing utility for Mac and Windows. Our app is of course getting issues with Windows Anti-Viruses because its code is not signed. This is representing a huge first-use barreer to some users so I started the procedure to get a valid codesigning certificate.<p>Since we are currently bootstrapping, we are trying to save as much money as possible, so I opted for K-Software which is re-selling Comodo certificates for cheeper prices. Unfortunately the whole procedure looks insane to me: I've had to validate a few documents through an attorney, I've had to FAX everything from the attorney's office to the Comodo offices and I've had to send the same docs via ordinary mail to the Comodo offices. The thing is taking long especially for the mailing part since we are based in Italy and we are still waiting for the docs to hit the offices.<p>As a side note, I'm a little concerned regarding opening our private beta. We feel ready for making the beta public due to the apps performing well now, but I'm concerned regarding the codesigning stuff on Windows, because this would surely mean a bad experience for most of Windows users.<p>Also, is it just me or the Windows codesigning experience is the worst? I mean, I had codesigning experiences with Apple and despite them being a convoluted process, they ended up taking just a day or two.<p>I just wanted to share my experience and gather a few information from you. You may have had a better experience than mine.
Looks like a Comodo, other CAs have a less terrible process:
<a href="https://www.digicert.com/ssl-validation-process.htm" rel="nofollow">https://www.digicert.com/ssl-validation-process.htm</a>
Unfortunately, I think code signing requires organization validation, unlike SSL certificates. Though I agree that resellers being involved makes the process more complex.