From: "Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com>
The design of the code signing services was to ensure that code
obtained through the web was at least as trustworthy as code bought
in a shrinkwrap box in a store.
That's nice.
I do not use shrinkwrap Microsoft code on any computer I run, because
I don't trust it any more than I'd trust the handful of .exe's from
random people that my mail filter blocks each day.
It was not to eliminate all possible risks.
Adding mobile code to SMTP servers or MUA's opens up a vast new area
of insecurity and potential exploits.
In 1980, who would ever have dreamed that e-mail viruses could exist?
E-mail was just a chunk of text sent from point A to point B. Sorry,
but anyone proposing mobile code on the uncontrolled Internet either
has an incredible amount of hubris, or has failed to learn from
history.
I would actually support signed mobile code on one condition: The
authority that signs the code must agree to compensate everyone for
any loss caused by the signed code, or by an exploit of a weakness in
the signed code, for a period of 20 years from when the code is
signed.
Under these conditions, I doubt anyone would sign any code. :-)
--
David.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg