-----BEGIN PGP SIGNED MESSAGE----- At 01:13 AM 12/18/96 -0500, Marc Horowitz wrote:

You're right, you haven't looked at it closely. Although it doesn't have Key Escrow, new cryptosystems can only be added if they are signed by a private key held by Microsoft. Of course, Microsoft has agreed with the State Dept. to sign only export-"strength" crypto.

I should let Microsoft defend their own turf, but they told me they will sign anyone's CSP. Once the CSP is signed, Microsoft is off the export hook. It's now *your* problem to obey the export laws or keep your CSP inside the country. That's what's so brilliant about the MS CSP design. By getting them off the hook for enforcing export laws, they can write S/W to call the CSP and just plain ignore the export hassles. If you can't handle it yourself, delegate it! - Carl -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMrhda1QXJENzYr45AQH4CAP+Kv9cEqV3z1aRVTTdA4DcLyQSF0D59xip QUAJWXMZJomqX/qE4PduGG8OZbvgkmLfHwJrm6v1HbjndmLhbp9FnKHLT2i5IL1B ilkGGEvglc19SwprsGnjGYZRbjQRxbObQmr/Qc8R9Z5jWzAdpxsWM/vAXTvTkevT TIYnt7AvehA= =r+qm -----END PGP SIGNATURE----- +------------------------------------------------------------------+ |Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme | |CyberCash, Inc. http://www.cybercash.com/ | |207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 | |Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 | +------------------------------------------------------------------+