[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Microsoft Authenticode key security

To: [email protected]
Subject: Re: Microsoft Authenticode key security
From: Toto <[email protected]>
Date: Wed, 05 Mar 1997 11:18:00 -0600
CC: [email protected], "Bob Atkinson (Exchange)" <[email protected]>
Organization: TOTO Enterprises
References: <[email protected]>
Reply-To: [email protected]
Sender: [email protected]

Greg Broiles wrote:
> >From: "Bob Atkinson (Exchange)" <[email protected]>
> >Subject: Comments and corrections regarding Authenticode
> >
> >For those curious: at the present time, the private keys with which
> >Microsoft signs code that it publishes are managed inside BBN SafeKeyper
> >boxes housed in a guarded steel and concrete bunker. Even were a SafeKeyper
> >to somehow be physically stolen, these cool little boxes have several
> >elaborate internal defenses designed to have the box destroy itself rather
> >than compromise its keys.

  Bob fails to mention, however, that, as a backup system, the keys are 
also written on pieces of masking tape attached to the underside of
his keyboard.
-- 
Toto
http://bureau42.base.org/public/xenix/xenbody.html

References:
- Microsoft Authenticode key security
  - From: [email protected] (Greg Broiles)

Prev by Date: Re: ECPA/1997: the other shoe?
Next by Date: RE: Microsoft Authenticode key security
Prev by thread: Microsoft Authenticode key security
Next by thread: RE: Microsoft Authenticode key security
Index(es):
- Date
- Thread