> With that said, I propose that "code signing" and > then enforcing some kind of "use sanctioning" protocol > by the operating system vendor is an idiotic idea, and > fortunately one that has been proven as completely > impractical
Somewhat related: The IEEE is asking for proposals to develop and operate a CA as a part of their Taggant System. This involves signing to validate the usage of packers (compressing executables). Packers can make it hard for anti-virus programs to spot malware. http://standards.ieee.org/develop/indconn/icsg/ Does this strike you as impractical? It seems obvious to me that it will be a wasted effort. Mike N _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
