Microsoft's CAPI
Alan Bostick
abostick at netcom.com
Wed Jan 17 16:08:00 PST 1996
-----BEGIN PGP SIGNED MESSAGE-----
In article <199601171502.KAA16060 at nsa.tempo.att.com>,
Matt Blaze <mab at research.att.com> wrote:
> The OS will not load just any old CSP. CSPs have to be signed by
> Microsoft. The kernel contains a (hardcoded?) 1024 RSA public key
> that it uses to check the signature when the user tries to load a CSP.
> If the signature check fails, the CSP won't load. Microsoft says it
> will sign any CSP from anyone AS LONG AS THEY CERTIFY THAT THEY WILL
> FOLLOW THE EXPORT RULES. So you can get your CSP signed if you use
> exportable cryptography or if you agree not to send it outside the US
> and Canada, etc. But an end user can't just compile crypto code and
> use it as a CSP, even for his or her own use, without getting it
> signed by Microsoft first (actually, the CSP development kit does
> allow this, but it uses a special version of the OS).
The next obvious question is: Will Microsoft sign strong-crypto CSPs
developed by foreign developers for out-of-USA use?
- --
Alan Bostick | He played the king as if afraid someone else
Seeking opportunity to | would play the ace.
develop multimedia content. | John Mason Brown, drama critic
Finger abostick at netcom.com for more info and PGP public key
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQB1AwUBMP09JuVevBgtmhnpAQHbyQMAw3yh1qhIrBD0RF2ppiiiJnwJkF45qMKm
vsjXXZY92dJPbdLcOebxBRPCBxpyRSVqVKsy6QPA0KsYdLIgFt+ziFYWRrv3PFjz
f3Jf2dg+rhJ6G4dhDhTqp4/pdUT0huzy
=78Il
-----END PGP SIGNATURE-----
More information about the cypherpunks-legacy
mailing list