1996-07-10 - Re: MSoft crypto API's

Header Data

From: jim bell <jimbell@pacifier.com>
To: "Deranged Mutant" <WlkngOwl@unix.asb.com>
Message Hash: ba589c2a20e572de6b7351e5494ca4591e77dd467a28e84a213acfc0bb27034f
Message ID: <199607101545.IAA29371@mail.pacifier.com>
Reply To: N/A
UTC Datetime: 1996-07-10 20:49:46 UTC
Raw Date: Thu, 11 Jul 1996 04:49:46 +0800

Raw message

From: jim bell <jimbell@pacifier.com>
Date: Thu, 11 Jul 1996 04:49:46 +0800
To: "Deranged Mutant" <WlkngOwl@unix.asb.com>
Subject: Re: MSoft crypto API's
Message-ID: <199607101545.IAA29371@mail.pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:51 AM 7/10/96 +0000, Deranged Mutant wrote:
>On  9 Jul 96 at 20:34, jim bell wrote:
>[..]
>> Unexplained:   What if the program Microsoft is asked to sign is not 
>> intended for export?  Presumably, NSA has no authority, then, and thus 
>
>They could insist on only signing exportable software, and in theory 
>use that as ITAR-relaxing leverage.
>
>Methinks it's a bad move to only have MS sign software... presumably 
>they won't outright refuse to sign competitors software.  It would be 
>a conflict of interest for them not to... very usable as evidence 
>against MS in an anti-trust suit.  Independent CA's would be better.

Yes, that's the anti-trust vulnerability I mentioned.  It is unclear if 
Microsoft could legitimately refuse to sign any software presented to it, 
regardless of its legal exportability.


>IMO, it gives a false sense of security to even require crypto apps 
>to be signed.  A lot of folks would want a developer's kit (probably 
>cost $$$) to get around that requirement... nice loophole, BTW, for 
>those that can afford it.  Or until somebody patches the code to 
>ignore bad signatures or lack of them and releases the patch.

I'm sure that will happen!


>> presumably Microsoft shouldn't be able to refuse to sign anything they're 
>> asked.
>
>Why? Assuming there were no export restrictions... if it's signed by 
>MS, people will take it to mean that MS is vouching for it.  If they 
>sign a library that does 'naughty things' or is an incredibly 
>incompetent implementation of an algorithm, it could turn out to be 
>bad PR for them.  (Hm... they could use this as an excuse to read 
>competitor's source code.)

What MS would be signing for is the GENUINENESS of the software, not its 
effectiveness.  Sorta analogous to key-signatures in PGP.




Jim Bell
jimbell@pacifier.com
