From: Mike Ingle <inglem@adnetsol.com>
To: cypherpunks@toad.com
Message Hash: 1b6504e2dbd06ea1687bdc7915246c7fb4174fef71797ef299f588f2623ea919
Message ID: <199607100645.XAA03352@adnetsol.adnetsol.com>
Reply To: <199607100335.UAA01215@mail.pacifier.com>
UTC Datetime: 1996-07-10 09:42:18 UTC
Raw Date: Wed, 10 Jul 1996 17:42:18 +0800
From: Mike Ingle <inglem@adnetsol.com>
Date: Wed, 10 Jul 1996 17:42:18 +0800
To: cypherpunks@toad.com
Subject: Re: MSoft crypto API's
In-Reply-To: <199607100335.UAA01215@mail.pacifier.com>
Message-ID: <199607100645.XAA03352@adnetsol.adnetsol.com>
MIME-Version: 1.0
Content-Type: text/plain
It's even easier than that. Remember, signatures are detachable from the
data. You import the software, MS signs it, you export the signature, and
reattach it to the software.
Mike
> Couldn't somebody IMPORT a piece of encryption software, have it signed by
> Microsoft, then take the XOR of the signed and unsigned software and export
> it? (It's not a tool capable of encryption...)
>
> Or: Microsoft presumably has foreign branches, or at least it could easily
> afford to set up one. What's to stop Microsoft from signing foreign
> encryption software outside of the US? The software is never exported
> (since it's already outside the country...), so there's no USA-law involv
> ement.
> Jim Bell
> jimbell@pacifier.com
>
Return to July 1996
Return to “The Deviant <deviant@pooh-corner.com>”