From: “Bob Atkinson (Exchange)” <bobatk@EXCHANGE.MICROSOFT.com>
To: “‘gbroiles-nospam@netbox.com
Message Hash: d05c53750d4dd1bf095ef2eb868efd135f60d602a62b172e291b5a801e52ceb5
Message ID: <7D9A01DBBFD5CF11AD0F0000F8411F8A42697E@ROADKILL>
Reply To: N/A
UTC Datetime: 1997-03-05 17:36:26 UTC
Raw Date: Wed, 5 Mar 1997 09:36:26 -0800 (PST)
Subject: RE: Microsoft Authenticode key security
Actually, and sort of to the point, no, the keys never actually ever [leave] the
BBN box, except as part of a backup procedure in which they are
extracted in a doubly-encrypted form for which for security reasons you
need the manufacturer's help in restoring.
To this day, no human or computer other than the box itself knows the
key.
Bob
> -----Original Message-----
> From: Toto [SMTP:toto@sk.sympatico.ca]
> Sent: Wednesday, March 05, 1997 9:18 AM
> To: gbroiles-nospam@netbox.com
> Cc: cypherpunks@toad.com; Bob Atkinson (Exchange)
> Subject: Re: Microsoft Authenticode key security
>
> Greg Broiles wrote:
> > >From: "Bob Atkinson (Exchange)" <bobatk@EXCHANGE.MICROSOFT.com>
> > >Subject: Comments and corrections regarding Authenticode
> > >
> > >For those curious: at the present time, the private keys with which
> > >Microsoft signs code that it publishes are managed inside BBN SafeKeyper
> > >boxes housed in a guarded steel and concrete bunker. Even were a SafeKeyper
> > >to somehow be physically stolen, these cool little boxes have several
> > >elaborate internal defenses designed to have the box destroy itself rather
> > >than compromise its keys.
>
> Bob fails to mention, however, that, as a backup system, the keys are
> also written on pieces of masking tape attached to the underside of
> his keyboard.
> --
> Toto
> http://bureau42.base.org/public/xenix/xenbody.html