Jim Bell writes:

Has it been established that Microsoft (is only/can only) sign crypto add-ons which are approved for export? Since there are no restrictions domestically, presumably Microsoft can sign anything it wants. If those versions ever manage to "sneak out" of the country, well that's too bad!

Here are some speculations based, in part, on my interpretation (repeat, MY INTERPRETATION) of discussion on code signing at last year's Java One conference: -- Only the vendor, physically located in the USA, will sign crypto add-ons. -- Since the add-ons are physically signed in the USA, the signed add-on must comply with all export regulations. I.e., no restriction on domestic use, various export control restrictions as appropriate to the crypto add-on. I would presume that the add-on would be distributed public-key encrypted, and could only be created by the holder of the corresponding private key (i.e. the operating-system vendor) and, furthermore, could only be run by an operating system that could decrypt the add-on package. A vendor could presumably export operating system variants that could not execute some subset of crypto add-ons because the variant lacks the ability to decrypt the package. In the long-term (3-5 years), I wouldn't be suprised to find the decryption capability moved onto the processor chip, making the problem of distribution strong crypto more difficult. Martin Minow minow@apple.com