Many third-party drivers ship with the Microsoft Windows 2000 CD distribution. In order to participate in this program, several requirements must be met. Additionally, whenever a naive attempt to install a driver on Windows 2000 is made, a warning message is issued stating that the device driver is not digitally signed and its authenticity cannot be verified by Microsoft. This section explains the role of Microsoft in verifying driver authenticity and the burden placed on a driver author and hardware manufacturer to certify their package for inclusion into future Windows 2000 CD distribution. Why Microsoft Verifies DriversIt is in Microsoft's best interest to promote two (conflicting) goals.
Since device drivers operate in kernel mode, they have the capability to slowly or quickly crash a system. Since instability of the system will often be blamed on the kernel itself, it is clearly in Microsoft's interest to maintain a list of certified vendors and drivers for their operating systems. Of course, stating that Windows 2000 interoperates with more hardware devices than other OSs is a strong selling feature. Therefore, Microsoft often works with hardware vendors to ensure timely release of compatible drivers. To accomplish the two goals, Microsoft has established a specialized group, the Windows Hardware Quality Labs (WHQL), that provides a certification of hardware and the device driver. The participation benefits for hardware vendors include
To participate in the program, visit the site http://www.microsoft.com/hwtest for procedures and pricing. Digital SignaturesAs part of the WHQL program, a certified driver obtains a digital signature that permits Windows 2000 to install the driver without the unprofessional warning of "imminent danger." The digital signature consists of several components.
The digital signature is allegedly tamper-proof and ensures that the driver being installed is the original code supplied by the vendor. It uses cryptographic technology to achieve this goal. The signature itself does not alter the code in any way.
|