From: Tom Johnston <tomj@microsoft.com>
To: cypherpunks@toad.com
Message Hash: c05179b01fc756fd0715e3f759fbcd561bed62e1915b059132f71297d1a69114
Message ID: <red-32-msg960118010931MTP[01.52.00]000000b5-14416>
Reply To: N/A
UTC Datetime: 1996-01-18 18:33:14 UTC
Raw Date: Fri, 19 Jan 1996 02:33:14 +0800
From: Tom Johnston <tomj@microsoft.com>
Date: Fri, 19 Jan 1996 02:33:14 +0800
To: cypherpunks@toad.com
Subject: FW: CrytoAPI on Cypherpunks
Message-ID: <red-32-msg960118010931MTP[01.52.00]000000b5-14416>
MIME-Version: 1.0
Content-Type: text/plain
General comments: please take a look at our web page:
http://www.microsoft.com/intdev/inttech/cryptapi.htm, and
e-mail cryptapi.com with questions.
Comments in-line >>> below.
>From: Matt Blaze <mab@research.att.com>
To: cypherpunks@toad.com
Subject: Microsoft's CAPI
Date: Wed, 17 Jan 1996 10:02:27 -0500
I attended a meeting at Microsoft the other day at which they
described their Crypto API project. As CAPIs go, it's reasonable
enough; nothing particularly exciting about it or especially wrong
with it (though they don't yet support nonblocking calls to crypto
modules).
>>> We received several requests at the design review to add
>>> non-blocking calls. We're looking to add this.
... They have
(or will have soon) an application development kit to allow you to
write code that uses the API, and a CSP development kit to let you
write the crypto functions.
>>> Doc's and sample code from the SDK are available now on
>>> our web page: http://www.microsoft.com/intdev/inttech/cryptapi.htm.
>>> Please e-mail cryptapi@microsoft.com if you're interested in a
>>> CSP development kit.
...One important
issue is whether MS will really sign anyone's CSP or whether they will
start charging high fees or making business-based decisions on who's
CSPs they will allow (with they sign Netscape's CSP, for example).
They say they won't even look or keep a copy of your CSP (at my
suggestion, they are probably going to change the process so that you
send them a hash of your CSP instead of your CSP code when you get the
signature). For now they promise to sign CSPs for anyone who returns
the export certificate, at no charge.
>>> We won't charge high fees (right now, it's free!). Our policy is
>>> simple: we'll sign the CSP of anyone who follows the rules.
>>> Yes, we would sign a CSP from Netscape if they follow the rules.
>>>We won't look at or keep a copy of the CSP, and
>>> we won't tell your competitors about it (unless you ask us to).
... They
say that the API kit will not be export-controlled but the CSP kit
will be.
>>> The SDK is not export-controlled. The CSP development
>>> kit is export-controlled.
Return to January 1996
Return to “Tom Johnston <tomj@microsoft.com>”
1996-01-18 (Fri, 19 Jan 1996 02:33:14 +0800) - FW: CrytoAPI on Cypherpunks - Tom Johnston <tomj@microsoft.com>