Microsoft CAPI
Jim McCoy
mccoy at communities.com
Wed Oct 9 13:09:22 PDT 1996
Mike McNally <m5 at tivoli.com> writes:
>Ravi Pandya wrote:
>> ... You can't load an encryption engine into Windows 95 or
>> Windows NT unless that engine has been specially signed by
>> Microsoft's corporate key.
>
>And so what happens when the Microsoft key is compromised? It might
>be hard to break by purely cryptographic means, but surely there are
>some people at Microsoft who aren't millionaires.
But who may want to be, eh? :)
Actually it is also possible to use a much more overt route and just
patch around anything which is doing the signature checking (possibly
on just a temporary basis if the checks are only made when the engine
is first loaded.)
jim
More information about the Testlist
mailing list