SSIS service does not start with SP1: workaround

SQL Server 2005 SP1 seems to stop many working installations of SSIS service. I lost some hour on this problem and only a few days after I discovered a good workaround here.

While you install SQL Server 2005, setup procedure brings you to use NETWORK SERVICE as account for SSIS service. SP1 verify signatures of the files getting a file from internet: it doesn’t work if the server has no internet connectivity and it doesn’t work if the user is NETWORK SERVICE.

Possible workarounds:

• Change user account for SSIS Service to a regular (least privilege) user
• Disable checking certificate revocation list for NETWORK SERVICE user

 

The registry hack is this:
Windows Registry Editor Version 5.00

[HKEY_USERSS-1-5-20SoftwareMicrosoftWindowsCurrentVersionWinTrustTrust ProvidersSoftware Publishing]
“State”=dword:00023e00

 

Now, the big question is: what of those two techniques has to be considered safer? I would say that changing registry for NETWORK SERVICE account doesn’t change much and should have less side effects than changing user account on a production machine, but sincerely I don’t have a consolidate answer now, so comments are welcome.