[cryptography] How are expired code-signing certs revoked?

Steven Bellovin smb at cs.columbia.edu
Wed Dec 7 17:37:53 EST 2011


On Dec 7, 2011, at 4:56 29PM, Peter Gutmann wrote:

> Steven Bellovin <smb at cs.columbia.edu> writes:
> 
>> Let's figure out what we're trying to accomplish; after that, we can try to
>> figure out how to do it.
> 
> See above, code signatures help increase the detecability of malware, although
> in more or less the reverse of the way that it was intended.
> 
I meant by canceling the key (I'm trying to avoid using the word "revocation"),
not by signing code.


		--Steve Bellovin, https://www.cs.columbia.edu/~smb








More information about the cryptography mailing list