On Thu, Nov 30, 2000 at 04:21:01PM +1030, Ben Nagy wrote:
> [Larry again]
> > Actually there IS sort of a hole in MS Products (NT) concerning an NSA
> > crypto key placed there BY Microsoft FOR the NSA.(documented) I believe
> Ben
> > N. or Bernd E. has more info on that. Or is anyone else familiar with
> that?
>
> Assuming that I'm Ben N, please don't drag my name into THAT sorry bucket or
> rumour and innuendo. I did enough research into that issue to convince
> myself that it's bunk
If I am Bernd E. all i know about that NSA Key is the claim from MS which
makes sence. The NSA Key in the Microsofts Products is to allow the
verification of Crypto Provider Libs. Since you need to digitally sign those
libs to load them into windows the NSA wanted to avoid asking MS for signing
their crypto stuff if they want to install it on federal computers.
Funny enough the NSA key can be replaced very easyly. so commercial
companies selling crypto stuff are using the NSA key for years to install
crypto providers without the needed signature from MS.
This is all about makin NT encryption stronger, not waeker :)
Greetings
Bernd
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
