[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200310291855.17104.capegeo@opengroup.org>
From: capegeo at opengroup.org (George Capehart)
Subject: [Bogus] Microsoft AuthenticodeT webcam viewer plugin
On Wednesday 29 October 2003 08:04 am, Nick FitzGerald wrote:
<snip>
>
> Authenticode is useless as a means of ensuring code is trustworthy
> _independent_ of such an effort from the CAs. _All_ Authenticode
> tells you is that someone was prepared to part with some cash and
> they found a CA they convinced that they were who they said they
> were.
This is why the CA's Certification Practice Statement (CPS) is so
important . . . and why, if one is going to accept a certificate, they
*really* should read the CPS and understand exactly what process the CA
went through to determine the authenticity of the DN. *Then* you
should read the audit reports to see if the CA is really following the
CPS. If that information is not available publicly available, he/she
who accepts those certs deserves what he/she gets.
In theory (at least if you trust the CA -- which I doubt few
> possibly could in Verisign's case once it issued code-signing certs
> under Microsoft's name to non-MS folk despite supposedly having extra
> special checking mechanisms for such a large and obviously
> "important" client),
See above.
an Authenticode "all clear" means that if you
> were stupid enough to "trust" (in the big sense) a piece of signed
> code the CA can help you locate the rat-bag who signed it should you
> want to fry their balls...
See above again. That is true IFF the RA did it's job.
>
> Anyone who ever thought Authenticode ever bought them more than that
> was seriously delusional and obviously did not understand the basics
> of code-signing as a "trust mechanism" (because it isn't one despite
> what MS wants you to believe). This is all part of why Authenitcode
> and ActiveX were always such fundamentally bad things and why the
> decision to take this route showed MS lacked even the most basic
> grasp of the fundamentals of security and trust. That Autheticode
> has been "sold" (and worse, accepted by some) as anything else but a
> poor-man's excuse for "nothing much" is somewhere between really sad
> and criminal...
>
I think "nothing much" is being pretty generous . . . :->
Cheers,
/g
--
George Capehart
capegeo at opengroup dot org
PGP Key ID: 0x63F0F642 available on most public key servers
"It is always possible to agglutenate multiple separate problems into a
single complex interdependent solution. In most cases this is a bad
idea." -- RFC 1925
Powered by blists - more mailing lists