On Thu, Jan 30, 2003 at 10:39:17AM -0800, hino@ccrl.sj.nec.com said:
IIRC, MS's patches has been digitally signed by MS, and their patching system checks these sign silently. So, they will claim that compromised route info and/or DNS spoofing does not affect their correctness.
Though, I'm not sure what will happen in key revoking situation.
interesting side note ... top of the page right now at http://www.ntk.net details a similar problem facing MS in the UK currently. (Remember when they forgot to renew hotmail.com, and some kind Linux geek fixed it for them ... well, apparently their entry in the Data Protection Register (UK) expired January 8. This means all personal data held by them in the UK is now illegal (passport, anyone?) I wonder if something like this would be useful (or even possible) in the US, of if it would be just another opportunity for bureaucratic bungling ...)
Koji
-- -= Scott Francis || darkuncle (at) darkuncle (dot) net =- GPG key CB33CCA7 has been revoked; I am now 5537F527 illum oportet crescere me autem minui