Re: [DotGNU]Virus writers take an early crack at .Net

[John]

I'm sure their will be some other plug-ins (not just VMs) that need
certificate processing? Auth/Acq plugins come immediately to mind. This
sounds like the kind of common resource where many plugins would
callback to the SEE? Again, I'm just speaking off the top of my head.
David's the arbiter.

John Le'Brecage

Rhys Weatherley wrote:
> 
> John wrote:
> 
> > "Gopal.V" wrote:
> > > Also I guess that the certifcate verifcation and
> > > stuff like that comes in the domain of SEE ?
> >
> > Currently we've not even considered what the SEE should really do. Right
> > now it just mounts plugins. This seems like a resonable feature request
> > though. What do you think David?
> 
> Depends upon where the signature is.  Windows typically
> puts these things inside the .exe or .dll itself, which means
> that SEE will need to pull apart the PE/COFF file to verify
> the signature.
> 
> Portable.NET already has code for pulling apart PE/COFF
> files.  If there was some SEE oracle available that I could
> ask "Is this valid according to SEE guidelines?", then I can
> hook it through during the program load process.
> 
> Cheers,
> 
> Rhys.