This IS NOT a back door, its merly a way for nsa to use there own crypto in
ms products, the folly in the matter is, that it allows people that the US
Gov doesnt want useing strong crypto to insert there own code also, now that
the CSA is known.
----excerpt from message to bugtraq from Markus Kuhn----------------
The NSA got their own CSP verification key, because they want to be able
to change their own secret US government CSPs required for the handling
of classified documents, without having to go to Microsoft each time to
get a signature for an NSA CSP update. Fair enough. So Microsoft built
in a second verification key such that the NSA can produce and install
on DoD PCs their own CSPs without requiring any Microsoft involvement.
The real funny part is that Microsoft did not protect the NSA key
particularly well, such that everyone can easily replace the NSA key
easily with his own key. This was reported by Nicko van Someren at the
Crypto'98 rump session. This means that everyone can now easily install
his own CSPs with arbitrarily strong cryptography. This means that the
NSA's demand to get quickly a second key added led in effect to the easy
international availability of strong encryption CSPs. My guess is that
this is Microsoft's sweet revenge against the NSA for creating all these
Export hassles (e.g., the requirement that CSPs be signed) in the first
place. It backfired nicely against the NSA. :)
----excerpt from message to bugtraq from Markus Kuhn----------------
Sam James
>
> Am I the only one that doesn't know what this is about? Reference?
>
> (feeling lazy for not doing own research)
>
> --
> Ben Nagy
> >
> > While this topic is still evolving, have any of the firewall
> > vendors done
> > any looking around to see if the Microsoft/NSA back door that
> > was revealed
> > last week would enable the NSA to blow a hole into their NT
> > based firewall
> > products or not? And if not, why not?
> >
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
