Heuristic detection is commonly used by security software to check for and detect malicious code (e.g., viruses, worms, Trojan horses, etc.) Security software often exempts applications with Digital Signatures from heuristic detection. This is a good policy, as it both reduces false positives and allows trusted third party applications to bypass heuristic detection without requiring interaction with the publisher of the security software.
However, sometimes a digital signature provider provides signatures to entities which the security software publisher does not trust. This can occur because the signature authority made a mistake, or because the signature provider and the security software publisher have different standards as to what constitutes a trusted party. For example, digital signatures are granted to some companies that have been known to distribute commercial spyware applications. In this case, it would not be appropriate to grant a blanket heuristic detection exemption to files from such a company. On the other hand, the company may ship applications that do not contain spyware, so it is also not appropriate to assume that all files from such a company are known to be a threat.
It would be desirable to be able to revoke the exemption given to applications with digital signatures where desired, without presupposing that files originating from an entity with a revoked exemption comprise a threat per se.