-----BEGIN PGP SIGNED MESSAGE----- In article <199610130802.JAA00335@server.test.net>, Adam Back <aba@dcs.ex.ac.uk> wrote:
What exactly is microsoft certifying when they sign a CAPI module?
That it is quality crypto? Has no obvious bugs? That it won't crash your system?
I remember hearing (if my memory is correct, from the mouth of a Microsoft employee at Crypto '96) that when Microsoft signs a module, they are certifying that they saw a signed sheet of paper swearing that either (1) you won't export the software, or (2) you have received an appropriate export license. AFAIK, they don't even read the code. - Ian -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMmaWoEZRiTErSPb1AQEsrQP/V8fxGzqySpul2UKQLHDcNeY23UFVibvo weLgaoEdTE40+A7iKfEUyQe6LUvDKKO+HPdxO2jfq9rdT+QUFpm0e0VI8j8kaUQS 6M05fRV/Q66YlmTspiz0jfyGOLauYAtlh8ow+fftAdfUGnb9vN4ODsT8z0Vd59xc nsAFH9UihU8= =QIJT -----END PGP SIGNATURE-----