On 22/05/2015 12:52 AM, Shmuel Metz (Seymour J.) wrote:
> My understanding is that m$ not only insists that the software be
> digitally signed, but that m$ controls the process. I have no
> objection to digital signatures per se, but the user should be in
> control of which CAs are trusted.
Who do you trust is the fundamental issue with digital certificates. It
makes sense to install a common list with the operating system, as that
is where all trust must originate. I would expect that Windows, Linux
and other operating systems (hopefully z/OS) come with essentially the
same list of trusted CAs. Digital signatures break down when you are not
sure whether the end user can verify the signature.
Windows allows you to install your own trusted CAs, but how do you
verify that they really can be trusted? I can pretty much guarantee that
whatever checks you do are less stringent than what is required to be
included with the OS. I have encountered software (anti-virus of all
things) signed with a certificate where the CA is not already installed.
This is a PITA - how do you know the CA can really be trusted? They
claim they are trustworthy, but they would say that, wouldn't they?
I sign my Windows installer (and arguably should sign the installed exes
too). I had no contact with Microsoft to get the certificate. The same
certificate works to sign e.g. Java jars. I am hopeful that I could also
use it to sign software for z/OS. So I would not say that Microsoft
control the process.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
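The question raised above (is the CA that signed this installer one the OS already trusts, or one the vendor expects you to install?) can be answered mechanically on Windows. The following script is an added example and is not part of the original post; it assumes `$Path` points at a signed installer or executable and only consults the machine-wide Trusted Root store.

```powershell
# Added example: report whether a file's Authenticode signer chains to a root
# that is already present in the machine's Trusted Root store.
param(
    [Parameter(Mandatory = $true)]
    [string]$Path   # assumption: a signed installer or .exe on local disk
)

$sig = Get-AuthenticodeSignature -FilePath $Path
if (-not $sig.SignerCertificate) {
    Write-Output "No signer certificate found: the file is unsigned."
    return
}
if ($sig.Status -ne 'Valid') {
    # UnknownError with "A certificate chain processed, but terminated in a root
    # certificate which is not trusted" is the symptom described in the thread.
    Write-Output "Signature status: $($sig.Status) ($($sig.StatusMessage))"
}

# Build the chain the way Windows would and look at the root it ends on.
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationMode = 'NoCheck'   # offline run; use Online in production
$null = $chain.Build($sig.SignerCertificate)     # returns $false on an untrusted root
$root = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate

Write-Output "Signer         : $($sig.SignerCertificate.Subject)"
Write-Output "Root           : $($root.Subject)"
Write-Output "Root thumbprint: $($root.Thumbprint)"

# Is this root one that shipped with (or was deliberately added to) the OS trust list?
$inStore = Get-ChildItem Cert:\LocalMachine\Root |
    Where-Object { $_.Thumbprint -eq $root.Thumbprint }
if ($inStore) {
    Write-Output "Root is present in LocalMachine\Root."
} else {
    Write-Output "Root is NOT in LocalMachine\Root: the vendor's CA would have to be installed by hand."
}

# Any remaining chain problems (expiry, untrusted root, missing intermediates).
foreach ($s in $chain.ChainStatus) {
    Write-Output "Chain status   : $($s.Status) - $($s.StatusInformation.Trim())"
}
```

Run it as `.\Check-SignerRoot.ps1 -Path .\installer.exe`; a root reported as absent from `LocalMachine\Root` is exactly the case where the only assurance of the CA's trustworthiness is the vendor's own claim.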