Re: MSoft crypto API's
At 04:51 AM 7/10/96 +0000, Deranged Mutant wrote:
>On 9 Jul 96 at 20:34, jim bell wrote:
>[..]
>> Unexplained: What if the program Microsoft is asked to sign is not
>> intended for export? Presumably, NSA has no authority, then, and thus
>
>They could insist on only signing exportable software, and in theory
>use that as ITAR-relaxing leverage.
>
>Methinks it's a bad move to only have MS sign software... presumably
>they won't outright refuse to sign competitors' software. It would be
>a conflict of interest for them not to... very usable as evidence
>against MS in an anti-trust suit. Independent CA's would be better.

Yes, that's the anti-trust vulnerability I mentioned. It is unclear if
Microsoft could legitimately refuse to sign any software presented to it,
regardless of its legal exportability.

>IMO, it gives a false sense of security to even require crypto apps
>to be signed. A lot of folks would want a developer's kit (probably
>cost $$$) to get around that requirement... nice loophole, BTW, for
>those that can afford it. Or until somebody patches the code to
>ignore bad signatures or lack of them and releases the patch.

I'm sure that will happen!

>> presumably Microsoft shouldn't be able to refuse to sign anything they're
>> asked.
>
>Why? Assuming there were no export restrictions... if it's signed by
>MS, people will take it to mean that MS is vouching for it. If they
>sign a library that does 'naughty things' or is an incredibly
>incompetent implementation of an algorithm, it could turn out to be
>bad PR for them. (Hm... they could use this as an excuse to read
>competitor's source code.)

What MS would be signing for is the GENUINENESS of the software, not its
effectiveness. Sorta analogous to key-signatures in PGP.

Jim Bell
[email protected]