North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Creating a crystal clear and pure Internet

  • From: Florian Weimer
  • Date: Tue Nov 27 16:10:14 2007

* Jared Mauch:

> 	Within the next 2 major software releases (Microsoft OS) they're
> going to by default require signed binaries.  This will be the only viable
> solution to the malware threat.  Other operating systems may follow.
> (This was a WAG, based on gut feeling).

The code signing CAs have never been subject to serious attack.  It's
unlikely that they are sufficiently robust for this scheme to work on a
large scale.

There's also the issue that you can't reliably tell data (which,
presumably, does not need to be signed) from code.