Binary Files
The application security configuration determines whether you must sign the binary files to run applications. Windows Mobile software for Smartphone supports the common application security configurations shown in the following table.
| Application security configuration | PrivilegedApps policy setting | Unsigned Applications policy setting | Unsigned Prompt policy setting |
|---|---|---|---|
| Restricted | Two-tier security model | Unsigned applications cannot run | User is not prompted |
| Standard | Two-tier security model | Unsigned applications can run | User is prompted |
| Unrestricted | One-tier security model | Unsigned applications can run | User is prompted |
For information about specific policy settings, see Security Policy Settings.
If the application security configuration requires signed binary files, you must confirm the following to run applications:
- The revocation list does not include the certificate hashes.
- The revocation list does not include the binary file hashes.
- The certificate chain maps to a root certificate in the Privileged Execution Trust Authorities or the Unprivileged Execution Trust Authorities certificate store.
See Also
Application Security | Creating the Provisioning XML for Signed Binary Files
Send feedback on this topic to the authors.
© 2005 Microsoft Corporation. All rights reserved.