Microsoft and Symantec are pushing for tighter controls in the way certificate authorities issue keys used in code-signing. China, Brazil and South Korea are the hot spots where the problem of malware signed with certificates is the worst right now. Microsoft is keenly interested in this effort because “Microsoft is out to protect Windows,” says Dean Coclin. The underlying concept is that certificate authorities would have to follow more stringent practices related to proofing identity. The new identity-proofing requirements will be detailed next month in the upcoming CAB Forum document from its Code-Signing Group.”]