[mpeg-OTspec] MD5 is no more considered secure
Eric Muller
emuller at Adobe.com
Thu Dec 17 23:54:40 CET 2009
On 12/17/2009 1:09 PM, Levantovsky, Vladimir wrote:
>
> DSIG is an optional table in the OT/OFF font, the primary reason for
> its inclusion is to provide a certain level of assurance that the font
> file has not been tampered with.
>
I don't think that with the current wording of the spec, the mere
presence of a signature says anything about what the signature means.
Think about a notarized declaration: my signature means that I make the
declaration, while the notary signature means that he followed a certain
protocol to assert my identity.
Eric.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.aau.at/pipermail/mpeg-otspec/attachments/20091217/092c1870/attachment.html>
More information about the mpeg-otspec
mailing list