On Wed, Sep 08, 1999 at 10:43:00AM +0930, Ben Nagy wrote:
> Am I the only one that doesn't know what this is about? Reference?
It is refering to the fact that a Public Key installed on any NT System is
called NSAKEY in the Degug-Symbol Table. Therefore ppl where guessing it is
a backdoor for the NSA. Actually the key (and a second MS one) is used to
authenticated "aproved" Crypo API Providers. It is rumored the Key is named
NSA because it can be used by the NSA t install new Crypto Algorithms in the
NT System without asking MS for permission.
The reason why MS has to approve Installation of Crypto Code into the Crypto
API Framework is, that MS has to lomit the Keysize, because of export
restrictions.
Funny enough the NSAKEY is well known and can be replaced quite easyly. So
european ISVs use it to install high-grade-crypto into the NT system without
asking MS for permission (which they are not allowed to give). So the "NSA
Backdoor" is more of a backdoor (from MS?) against export restrictions.
Of course the fact Keys are stored on your System where only MS or probaly
the NSA has access to makes one worry what else one can find in the MS
System.
http://www.microsoft.com/PressPass/press/1999/sept99/RSAPR.htm
Greetings
Bernd
--
Bernd Eckenfels - The Freefire Project - www.freefire.org
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
