> >http://www.cryptonym.com/hottopics/msft-nsa.html > > Perhaps more interestingly, the program lets you replace the key, too. Microsoft prevents third parties from installing un-authorized crypto code under CAPI by checking the signature on the code. Under their export deal, they refuse to sign anyone's non-US code that does strong crypto. So if you want to add your own strong crypto, you need to sign it with a key that the CAPI recognizes. You could patch out Microsoft's key but then the Microsoft modules won't load properly. It works better to patch out NSA's key with your own -- then you can load both your own crypto code and all the standard MS stuff. John
- NSA key in MSFT Crypto API Lucky Green
- Re: NSA key in MSFT Crypto API David U.
- Re: NSA key in MSFT Crypto API Matt Blaze
- RE: NSA key in MSFT Crypto API Tim Dierks
- RE: NSA key in MSFT Crypto API Lucky Green
- Re: NSA key in MSFT Crypto API Eric Murray
- Re: NSA key in MSFT Crypto API Robert Hettinga
- RE: NSA key in MSFT Crypto API Lucky Green
- RE: NSA key in MSFT Crypto API Salz, Rich
- RE: NSA key in MSFT Crypto API John Gilmore
- RE: NSA key in MSFT Crypto API Trei, Peter
- RE: NSA key in MSFT Crypto API William H. Geiger III
- Re: NSA key in MSFT Crypto API Markus Kuhn
- Re: NSA key in MSFT Crypto API Jay Holovacs
- Re: NSA key in MSFT Crypto API William H. Geiger III
- Re: NSA key in MSFT Crypto API Anonymous
- Re: NSA key in MSFT Crypto API Rich Salz
- RE: NSA key in MSFT Crypto API Phill Hallam-Baker
- RE: NSA key in MSFT Crypto API William H. Geiger III
- RE: NSA key in MSFT Crypto API Peter Gutmann