>
> Does the fact that parts of Stuxnet was signed by two valid certs
> count as a cryptographic failure?
>
Of course not. Does it count as a DMV failure if a bank robber has a valid
drivers license?
None of us have ever claimed that only good people can use cryptography. As a
matter of fact, you'll find that most of us have criticized the assumption that
a valid signature means truth, beauty, morality, or anything beyond a
mathematical formula returning a 1.
You cannot produce trust with cryptography, no matter how much cryptography you
use.
Jon
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
