MSoft crypto API's

Mike Ingle inglem at adnetsol.com
Wed Jul 10 02:42:18 PDT 1996


It's even easier than that. Remember, signatures are detachable from the 
data. You import the software, MS signs it, you export the signature, and 
reattach it to the software.

						Mike

> Couldn't somebody IMPORT a piece of encryption software, have it signed by 
> Microsoft, then take the XOR of the signed and unsigned software and export 
> it?  (It's not a tool capable of encryption...)
> 
> Or:  Microsoft presumably has foreign branches, or at least it could easily 
> afford to set up one.  What's to stop Microsoft from signing foreign 
> encryption software outside of the US?  The software is never exported 
> (since it's already outside the country...), so there's no USA-law involv
> ement.
> Jim Bell
> jimbell at pacifier.com
> 








More information about the cypherpunks-legacy mailing list