exporting signatures only/CAPI (was Re: Why not PGP?)
Ian Goldberg
iang at cs.berkeley.edu
Thu Oct 17 13:27:55 PDT 1996
-----BEGIN PGP SIGNED MESSAGE-----
In article <199610130802.JAA00335 at server.test.net>,
Adam Back <aba at dcs.ex.ac.uk> wrote:
>
>What exactly is microsoft certifying when they sign a CAPI module?
>
>That it is quality crypto? Has no obvious bugs? That it won't crash
>your system?
I remember hearing (if my memory is correct, from the mouth of a Microsoft
employee at Crypto '96) that when Microsoft signs a module, they are certifying
that they saw a signed sheet of paper swearing that either
(1) you won't export the software, or
(2) you have received an appropriate export license.
AFAIK, they don't even read the code.
- Ian
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMmaWoEZRiTErSPb1AQEsrQP/V8fxGzqySpul2UKQLHDcNeY23UFVibvo
weLgaoEdTE40+A7iKfEUyQe6LUvDKKO+HPdxO2jfq9rdT+QUFpm0e0VI8j8kaUQS
6M05fRV/Q66YlmTspiz0jfyGOLauYAtlh8ow+fftAdfUGnb9vN4ODsT8z0Vd59xc
nsAFH9UihU8=
=QIJT
-----END PGP SIGNATURE-----
More information about the cypherpunks-legacy
mailing list