-----BEGIN PGP SIGNED MESSAGE----- On Tue, 9 Jul 1996, jim bell wrote:
Date: Tue, 09 Jul 1996 20:34:11 -0800 From: jim bell <jimbell@pacifier.com> To: George Kuzmowycz <gkuzmo@ix.netcom.com>, cypherpunks@toad.com Subject: Re: MSoft crypto API's
[stuff moved to /dev/null]
Couldn't somebody IMPORT a piece of encryption software, have it signed by Microsoft, then take the XOR of the signed and unsigned software and export it? (It's not a tool capable of encryption...)
Hrmm.. at this point I am reminded of when mit.edu refused to allow my brother to ftp the non-international version of PGP... To make a long story short, he promptly received the exact same file from a .de server.
Or: Microsoft presumably has foreign branches, or at least it could easily afford to set up one. What's to stop Microsoft from signing foreign encryption software outside of the US? The software is never exported (since it's already outside the country...), so there's no USA-law involv ement. Jim Bell jimbell@pacifier.com
Perhaps the real question is this... Can MS reliablt develop a working and secure encryption package that we should all trust in the first place? I doubt it, and I'll wager so does the NSA if you catch my drift... --Deviant -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAwUBMeNvDDAJap8fyDMVAQG0cAf+MXQEE3sFOoymJOhnTegox58TK5Tc+iZj xK3qWObTvFwOTPzs0n9dgI60EJfxjjVmwiEvDWZQaNzxgxyCXLS6FFwrV8WHC5vT /HxGnskCU3gNTpDh5S2nsJk0Huhmj5snE1ViETIgyN9i1dUKt/KCHM+TXDOQvyd0 V25NnDgzHG6dVcLE7ATAoa/1p2XobEFB/ZOgiInYVr+tEO8EzIY3eoKKoOJ92le0 JrirB3NfXGBfEoajp34azxBs6549EKCqLI5vjfzNoMRFHVqKpmSJZLVwMTIOJ4Ks HE123I5xXx3heQrdNtzeg/m8XRKOko6HYkBrwNjgoO1+qW23LU89CA== =pCQy -----END PGP SIGNATURE-----