On Sun, 17 Mar 1996 jamesd@echeque.com wrote:
At 06:27 PM 3/17/96 EST, Dr. Dimitri Vulis wrote:
I wonder if it's worth it to crack their approval mechanism so we can add our own crypto subsystems without asking Microsoft's approval. [...] Wait until Microsoft makes some oppressive decisions, or is compelled to make some oppressive decisions.]
I do not expect that any cracking will be needed. Microsoft will approve a freeware module for use in America, and then, alas alas, someone will leak it.
If the only goal is to allow international strong crypto using the CryptoAPI, then I agree with the above. However, exploring the CryptoAPI internals now, while there is still a possibility that they can be changed, is a productive undertaking to the extent that it exposes holes. If the good guys can find a way to plug an unapproved international strong-crypto module into the CryptoAPI, then the bad guys can find a way plug in a no-crypto virus or trojan horse. -rich@c2.org http://www.c2.org/hackmsoft/ and other cool stuff