Creating a crystal clear and pure Internet

John Payne john at sackheads.org
Tue Nov 27 21:31:56 UTC 2007


On Nov 27, 2007, at 4:04 PM, Florian Weimer wrote:

>
> * Jared Mauch:
>
>> 	Within the next 2 major software releases (Microsoft OS) they're
>> going to by default require signed binaries.  This will be the  
>> only viable
>> solution to the malware threat.  Other operating systems may follow.
>> (This was a WAG, based on gut feeling).
>
> The code signing CAs have never been subject to serious attack.  It's
> unlikely that they are sufficiently robust for this scheme to work  
> on a
> large scale.

One would hope that the CA's wouldn't be connected to an attack path...

The revocation stuff should be distributable if it's not already.



More information about the NANOG mailing list