Adam Back <aba@dcs.ex.ac.uk> summarizes the Toto-files by noting:
As to what it means -- it means that one or more others could have been the author of the message the IRS claim Carl Johnson wrote. Heck anyone could sign posts with that key now.
This suggests that a cynical, paranoid, person could create a "deniable" signature key by doing what "Toto" did:

1. Choosing a key length that a "very competent attacker" (i.e. a TLA), and only a "very competent attacker", could factor.
2. Signing a message and leaving the public key that signed that message on a public site.

Now, when you are accused of signing a message, you can raise a "reasonable doubt" defence by claiming that the TLA may have reconstructed the private key that signed the message in question.

Martin Minow
minow@pobox.com