Duncan Campbell has provided his latest exchanges with Microsoft on the NSA_key, which Microsoft has now refused to continue (see letter below): http://cryptome.org/nsakey-ms-dc.htm ----- 12 May 2000 Dear Richard [Purcell, Director of Corporate Privacy, Microsoft], You will recall talking to me at the Computers Freedom and Privacy 2000 conference. You said then that you wished to resolve the questions that had been raised about the "NSA_key" in CAPI, and invited Mr Scott Culp to correspond with me and answer my questions. As will have seen, Mr Culp has now refused to continue the correspondence, after he was asked by me to provide specific, direct answers to questions I asked. He then offered as his reasons for so doing so a number of observations which simply did not stand up to scrutiny. When I pointed this out to him, he ceased to correspond entirely. This type of behaviour is not merely impolite, it is intellectually dishonest and evasive. It is bound to raise suspicion that Microsoft does have something serious to hide about its conduct. It further puts in question the integrity of MS systems offered for sale overseas. So far as I am concerned, if Microsoft now adopts a position of belligerent silence, I am more concerned about the security of its systems than I was when I spoke to you a month ago. Then, I was entirely open to the idea that Microsoft might be able to prove that its conduct could be innocently explained. I now observe that this, apparently, is not the case. If you confirm that that is the position, so be it. The issue will not die, even if you now wish to hide from it. Next month, it is expected that European Parliament will set up a temporary committee to look further issue into the information security and surveillance matters which have aroused much concern over the past 2 years. The subject of the security of US software including this issue, will be on its agenda. Yours sincerely, Duncan Campbell
