Ian G wrote:
On Monday 09 May 2005 17:34, Ram A Moskovitz wrote:
On 5/9/05, Jean-Marc Desperrier <[EMAIL PROTECTED]> wrote:
Ram A Moskovitz wrote:
They can not truly attack the signature,
Actually, be careful there. The fact that they cannot
theoretically forge a digital signature should not be
confused with the myriad of ways in which an attacker
can futz with an *implementation* of a signing tech.
I don't know anything about the code signing tech,
That would have been a good place for that post to end, but
why stop there when one can spread more FUD?
but if it is anything like any of a dozen other signing
techs out there, it will probably surprise in how
vulnerable it is. Most signing applications were
put together with so many false assumptions that
they are either unusable or not worth using. Included
in that list is cousins like S/MIME.
--
Nelson B
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
