Anonymous wrote: > Matt Crawford replied: > > Unless the application author can predict the exact output of the > > compilers, he can't issue a signature on the object code. The > > compilers then have to be inside the trusted base, checking a > > signature on the source code and reflecting it somehow through a > > signature they create for the object code. > > It's likely that only a limited number of compiler > configurations would be in common use, and signatures on the > executables produced by each of those could be provided. > Then all the app writer has to do is to tell people, get > compiler version so-and-so and compile with that, and your > object will match the hash my app looks for. DEI
The above view may be overly optimistic. IIRC, nobody outside PGP was ever able to compile a PGP binary from source that matched the hash of the binaries built by PGP. --Lucky Green