When deploying an application, you can digitally sign each cabinet file and have the end user verify each digital signature when the file downloads.

This approach provides end users with the assurance that each file has:

• Authenticity — Assurance that you prepared the file
• Integrity — Assurance that nobody has tampered with the file

The WebClient Application Assembler uses Microsoft Authenticode technology to sign the application cabinet files digitally. It requires access to the signtool.exe, pvk2pfx.exe, and optionally makecert.exe tools. You need makecert.exe if you wish to create a mock public-key certificates for testing. These tools are part of Microsoft Windows SDK.