Re: [ft-devel] Digital signatures

freetype-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ft-devel] Digital signatures

From:	Antoine Leca
Subject:	Re: [ft-devel] Digital signatures
Date:	Fri, 26 Aug 2005 16:57:26 +0200

Salut David,

On Friday, August 26th, 2005 10:19Z, David Turner wrote:

<About the threat to enforcing DSIG>
> or for Microsoft:
>
>   "We completely gave up competing with Apple on the graphics
>    design and print market. Also, we forgot what the PC revolution
>    was all about."

It will also mean a huge rush on technical support for both MS and its OEM
resellers ("my font does not work any more"), which in turn means a bunch of
big bucks, something that is definitively out of order.
Not to mention a lot of trials about enforcing monopolies, with the
consequence that the enforcement will not be effective in "unmanaged"
environment (read home/SOHO users, as opposed to big corporations, see
below.)

> The only plausible scenario for DSIG I can think of is the head of an
> IT department deciding to only allow signed binaries/documents/fonts/
> wathever on its Windows network. I'm also convinced that the
> "experiment" will not last more than 24 hours :-)

Since I am in the "head if IT dept" business ;-), I am not that sure the
experiment may not last a bit longer. Sure, a wide part of the "public",
i.e. the technically-skilled people, the same that as George does not worry
very much if their station crash because of an experiment with a "strange
font" ;-), would be excluded of the experiment starting on hour H+2 as a
maximum!!! This includes everybody reading me, BTW, and it includes the
proper "head if IT dept" and his staff, of course! :-D

But the IT head might have other ideas for his more peaceful victims... and
there the experiment could last a bit longer. Particularly if he succeeds at
convincing the big boss that this would allow restriction in the use of PCs
to replay/download/whatever 'illegal' (in the sense of DRM/MDCA) content
;-).

Also, if some hacker succeed at creating a TT font exploit (still to see it
even in lab), *and* that it appears that enforcing the signature is a
valuable countermeasure (not true today, but with Palladium these kind of
things could be envisioned), *then* I can assure you that such an experiment
could be set up: as you might know, counter threats like virus spreading
allow to quick and vigorous measures to be taken.
Of course, such a fix is a (bad) kludge.

OK, enough rambling, I've real job to do.

Antoine

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [ft-devel] Digital signatures, (continued)
- RE: [ft-devel] Digital signatures, Turner, David, 2005/08/25
  - RE: [ft-devel] Digital signatures, George Williams, 2005/08/25
  - Re: [ft-devel] Digital signatures, David Somers, 2005/08/25
  - Re: [ft-devel] Digital signatures, Antoine Leca, 2005/08/26
- RE: [ft-devel] Digital signatures, Turner, David, 2005/08/25
- RE: [ft-devel] Digital signatures, Turner, David, 2005/08/26
  - Re: [ft-devel] Digital signatures, Antoine Leca <=

Prev by Date: Re: [ft-devel] randomly corrupting tests
Next by Date: [ft-devel] TT_MAX_COMPOSITE_RECURSE
Previous by thread: RE: [ft-devel] Digital signatures
Next by thread: [ft-devel] freetype2.pc: Missing include directory
Index(es):
- Date
- Thread