Brian Gladman, a UK cryptographer, writes today on UK Crypto:

I am always surprised about just how long it takes to recognise the
political implications of simple technological decisions. The Microsoft CAPI
issue is well over ***three years old*** and to illustrate this here is a
URL for a paper that I wrote in early 1996 to try and get action from the UK
government and from the EU when this issue first arose:

          http://www.seven77.demon.co.uk/capi.pdf [*]

In my view the real issue here is not an NSA backdoor (I doubt that one
exists in the form postulated) but rather the principle that Microsoft
should allow the US government to impose its cryptographic export controls
on other sovereign countries by controlling access to the relevant
interfaces for integrating Cryptographic Service Providers (CSPs) into
Windows.

When this was topical back in 1996 I objected vigorously to this approach
(with ***support*** from GCHQ/CESG!)   It took a lot of effort but the UK,
at least, did establish a Microsoft UK based capability for signing
cryptographic modules separate from that in the US.

I might also add that I had access in the UK to the Microsoft CSPDK
(Cryptographic Service Provider Developer Kit) in 1997 and the keys now
being discussed were openly a part of the CSPDK at the time.   If this was
an NSA backdoor then they did not make a very good job of hiding it!

Hence, while I believe that Microsoft should be criticised for allowing
itself to be used by the US government to impose extra-territorial controls
on crypto, I am very doubtful that they co-operated in the provision of any
backdoor of the form now proposed.

          Brian

-----

* We offer Brian's paper in HTML:

   http://jya.com/msnsa-not.htm
