Microsoft Authenticode key security

Toto toto at sk.sympatico.ca
Wed Mar 5 09:32:14 PST 1997


Greg Broiles wrote:
> >From: "Bob Atkinson (Exchange)" <bobatk at EXCHANGE.MICROSOFT.com>
> >Subject: Comments and corrections regarding Authenticode
> >
> >For those curious: at the present time, the private keys with which
> >Microsoft signs code that it publishes are managed inside BBN SafeKeyper
> >boxes housed in a guarded steel and concrete bunker. Even were a SafeKeyper
> >to somehow be physically stolen, these cool little boxes have several
> >elaborate internal defenses designed to have the box destroy itself rather
> >than compromise its keys.

  Bob fails to mention, however, that, as a backup system, the keys are 
also written on pieces of masking tape attached to the underside of
his keyboard.
-- 
Toto
http://bureau42.base.org/public/xenix/xenbody.html







More information about the cypherpunks-legacy mailing list