On Thu, Jan 10, 2002 at 04:59:07PM +0000, Nicholas Clark wrote: > Do the music file makers arrange to sign every file with a private key so > that anyone can detect a knobbled file?
Yes. I assume Microsoft would. Like they sign drivers, activeX controls, etc, etc. Or maybe Verisign. But I doubt it. Once MS have the infrastructure in place to supplant verisign as the biggest CA, I don't see why they wouldn't. > In which case how much CPU effort would it take to crack that single key and > hence let anyone sign as "genuine" whatever they liked? DMCA... :-) Tom
