-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Gerck
Sent: 10 August 2004 13:42
To: [EMAIL PROTECTED]
Subject: Re: Microsoft .NET PRNG (fwd)

>The PRNG should be the least concern when using MSFT's cryptographic
>provider. The MSFT report 140sp238.pdf says:
>
>    RSAENH stores keys in the file system, but relies upon Microsoft
>    Windows XP for the encryption of the keys prior to storage.

Yes, that's true. The security policy explains that the safeguarding of private keys is done outside the crypto boundary. (As someone mentioned to me in personal email, you need to have a look at the fine print of such accreditations; this is an example of fine print.)

Note, however, that the OS uses the crypto provider to encrypt the private key using a secret that is generated based on (or protected by a key generated based on, don't remember off the top of my head) the user's password. The strength of the system is based on the user's Windows password, which I think is reasonable (anyone who can log in as the user can use his private keys, stored in his container, anyways)...

--Anton