It's not clear to me why being able to sign CSP modules is a risky thing anyway; all it means is that Windows will load and execute your crypto. The mechanism is designed to keep overseas end users from being able to build and install strong crypto libraries. If the NSA has a key, all they can do is vouch for their libraries as export-qualified and thus enable their use. It's not a secret backdoor or anything, and modules need to be on the machine before their signatures are checked. If I can get you to execute code on our Windows machine, I can penetrate your security, period. These authorizing signatures have nothing to do with it. Even if the key belongs to the NSA, I suspect that the NSA just wanted to be able to load classified Crypto Service Providers into Windows and didn't want to have to send said classified software to Microsoft for approval, so they got the key installed so they could approve software in house. - Tim Tim Dierks VP of Engineering, Certicom tdierksat_private 510.780.5409 [Hayward] -- 905.501.3791 [Mississauga]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:01:45 PDT