From: David Honig <honig@otc.net>
To: cypherpunks@toad.com
Message Hash: 79652c38aca6e3813fae2ab8849c17564cfd018da2098046fbae9dcc2e86560e
Message ID: <3.0.5.32.19980108090210.007a6820@206.40.207.40>
Reply To: N/A
UTC Datetime: 1998-01-08 18:25:19 UTC
Raw Date: Fri, 9 Jan 1998 02:25:19 +0800
From: David Honig <honig@otc.net>
Date: Fri, 9 Jan 1998 02:25:19 +0800
To: cypherpunks@toad.com
Subject: MS Server Gated Crypto: strong encryption w/ exportable browsers if the server is US-OK
Message-ID: <3.0.5.32.19980108090210.007a6820@206.40.207.40>
MIME-Version: 1.0
Content-Type: text/plain
The jist of http://eu.microsoft.com/industry/finserv/m_finserv/m_fordev_g.htm
is, MS has US permission to export a DLL containing 128-bit SSL *worldwide*
since
the encryption is enabled IFF there's a Verisign "SGC certificate" on the
*server*.
This apparently will work with Netscape servers in addition to IIS.
This facilitates gov't-trusted banks doing business with clients with
generic MS browsers.
And it facilitates MS's growth in the web world.
Thoughts:
Since US law (*) doesn't recognize digital IDs or the authority of
Verisign, this
implies the government has enforced some arbitrary judgement calls biassed
towards this system, no?
Additionally, the US would be seeming to trust the implementation in MS's
new DLL which
checks for and verifies signatures. All in all, some clever/cunning
positioning by MS.
This is set up for banks, and the certificates are strong. But they seem
like the weak
point --could a generic certificate be circulated amongst the Undesirables
so they
could enable this feature in IE browsers with the new DLL?
(*) I understand that the government of Utah now recognizes some form of
digital signatures.
------------------------------------------------------------
David Honig Orbit Technology
honig@otc.net Intaanetto Jigyoubu
"How do you know you are not being deceived?"
---A Compendium of Analytic TradeCraft Notes,
Directorate of Intelligence, CIA
Return to January 1998
Return to “David Honig <honig@otc.net>”
1998-01-08 (Fri, 9 Jan 1998 02:25:19 +0800) - MS Server Gated Crypto: strong encryption w/ exportable browsers if the server is US-OK - David Honig <honig@otc.net>