Bugtraq mailing list archives
Re: NSA key in MSFT Crypto API
From: gnu () TOAD COM (John Gilmore)
Date: Fri, 3 Sep 1999 13:32:19 -0700
http://www.cryptonym.com/hottopics/msft-nsa.htmlPerhaps more interestingly, the program lets you replace the key, too.
Microsoft prevents third parties from installing un-authorized crypto
code under CAPI by checking the signature on the code. Under their
export deal, they refuse to sign anyone's non-US code that does strong
crypto. So if you want to add your own strong crypto, you need to sign
it with a key that the CAPI recognizes. You could patch out Microsoft's
key but then the Microsoft modules won't load properly. It works
better to patch out NSA's key with your own -- then you can load both
your own crypto code and all the standard MS stuff.
John
Current thread:
- Re: NSA key in MSFT Crypto API David U. (Sep 03)
- <Possible follow-ups>
- Re: NSA key in MSFT Crypto API Matt Blaze (Sep 03)
- Re: NSA key in MSFT Crypto API Tim Dierks (Sep 03)
- local users can lock the console Domingos Bruges (Sep 06)
- Re: local users can lock the console Felipe Gustavo de Almeida (Sep 08)
- Re: NSA key in MSFT Crypto API John Gilmore (Sep 03)
- Re: NSA key in MSFT Crypto API Markus Kuhn (Sep 04)