Challenge to TCPA/Palladium detractors
AARG!Anonymous
remailer at aarg.net
Thu Aug 8 19:55:45 EDT 2002
Anon wrote:
> You could even have each participant compile the program himself,
> but still each app can recognize the others on the network and
> cooperate with them.
Matt Crawford replied:
> Unless the application author can predict the exact output of the
> compilers, he can't issue a signature on the object code. The
> compilers then have to be inside the trusted base, checking a
> signature on the source code and reflecting it somehow through a
> signature they create for the object code.
It's likely that only a limited number of compiler configurations would
be in common use, and signatures on the executables produced by each of
those could be provided. Then all the app writer has to do is to tell
people, get compiler version so-and-so and compile with that, and your
object will match the hash my app looks for.
DEI
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list