[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Microsoft CAPI

To: [email protected]
Subject: Microsoft CAPI
From: Ravi Pandya <[email protected]>
Date: Wed, 09 Oct 1996 08:22:46 -0700
Sender: [email protected]

>From today's HotWired Packet http://www.packet.com:

"Today Microsoft is using similar technology as part of its Cryptography
API: You can't load an encryption engine into Windows 95 or Windows NT
unless that engine has been specially signed by Microsoft's corporate key.
The reason for this restriction, says the company, is the Clinton
administration: Microsoft couldn't have gotten export permission for its
operating systems if users could easily plug in crypto engines that hadn't
been approved. "

This is disturbing, if true, though I suspect there is also a less ominous
reason: you certainly want your cryptography provider to be trusted, and you
want to be sure the code has not been altered. The implications really
depend on Microsoft's policy on signing cryptography engines, and whether
they allow a way to delegate signature authority.

Ravi

Follow-Ups:
- Re: Microsoft CAPI
  - From: Mike McNally <[email protected]>

Prev by Date: Re: pgp, edi, s/mime
Next by Date: Re: Missionaries
Prev by thread: DSP wrinkle removal (was Voice Stress Analysis of Debates?)
Next by thread: Re: Microsoft CAPI
Index(es):
- Date
- Thread