Shades of the plaintext-embedded-in-the-executable Netscape "policy page"? Or is it just more stupid Microsoft crypto programming? Father Occam prefers the latter, but you never know... Cheers, RAH --- begin forwarded text Date: Fri, 3 Sep 1999 15:34:04 -0300 Reply-To: Law & Policy of Computer Communications <[EMAIL PROTECTED]> Sender: Law & Policy of Computer Communications <[EMAIL PROTECTED]> From: "Peter D. Junger" <[EMAIL PROTECTED]> Subject: Re: FW: Warning about Installation of Software -- Don't be fooled by NSA Rumors To: [EMAIL PROTECTED] Status: U Mark Shea writes: : There is a discussion of this issue at : http://www.slashdot.org/articles/99/09/03/0940241.shtml : <http://www.slashdot.org/articles/99/09/03/0940241.shtml> today. One of the : more informed and thoughtful posts (IMHO) was from a Windows coder who has : been working with this API for over a year. His/her comments can be seen at : http://www.slashdot.org/comments.pl?sid=99/09/03/0940241 : <http://www.slashdot.org/comments.pl?sid=99/09/03/0940241&cid=56> &cid=56 . : I recommend, however, you take a look at the whole discussion. It is fairly : lively. I always get lost on /. but I was able to read some of the messages and some of the original material posted on the Internet. Apparently this bit of stupidity is more of an opportunity than a threat. As I understand it, the various versions of MSWindows include a Crypto Applications Program Interface---I don't really know about this, being much to snobbish to use Microsoft products---where one can plug in encryption modules. But the government would not let Microsoft export its Windows systems with this API unless it was crippled so that one could not plug in strong crypto. So the solution was to require that any crypto software installed on a MSWindows machine had to be signed by Microsoft using a public key. (I'm not quite sure of the type of key that was used.) So this crypto API contains a key that can be used to make sure that Microsoft has signed an appplication, and if an application is strong crypto it won't be signed by Microsoft and thus will not run under MSWindows. If you remove this Microsoft key from your Windows box, then you can't run any crypto applications (that use the crypto API). But now it turns out that some genius added a second key, called apparently the NSAKEY, to the API and that a crypto apllication will run if it is signed by either of the keys. You can remove the NSAKEY and anything signed by Microsoft will still run, but programs signed by NSA won't run (unless, I guess, they are also signed by Microsoft). And---and this is the good part---you can not only remove the NSAKEY, you can replace it with your own key, and then run any crypto applications programs that you want, no matter how strong! This effectively allows one to ignore the export controls on crypto applications that run on MSWindows. At least that is my understanding. If I am right, the question becomes whether the replacable second key is the result of stupidity---or of sabotage. -- Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH EMAIL: [EMAIL PROTECTED] URL: http://samsara.law.cwru.edu NOTE: [EMAIL PROTECTED] no longer exists --- end forwarded text ----------------- Robert A. Hettinga <mailto: [EMAIL PROTECTED]> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'