What are the requirements for using their signing service? If attackers can easily buy subordinate roots providing them free reign until they're caught hacking windows, that seems to undermine the whole system pretty severely, doesn't it?
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
no subject
Date: 2012-05-31 06:54 am (UTC)And how does the blacklist update work?