This now makes sense. If the NSA can replace the key, anyone can and hence
strengthen their security. For example: only A and B have the same embedded
key & can communicate securly. Is this correct?
*-----Original Message-----
*From: [EMAIL PROTECTED]
*[mailto:[EMAIL PROTECTED]]On Behalf Of Bernd Eckenfels
*Sent: Friday, December 01, 2000 12:47 PM
*To: Ben Nagy
*Cc: '[EMAIL PROTECTED]'
*Subject: Re: Ben's Big Crypto Flamefest
*
*
*On Thu, Nov 30, 2000 at 04:21:01PM +1030, Ben Nagy wrote:
*> [Larry again]
*> > Actually there IS sort of a hole in MS Products (NT) concerning an NSA
*> > crypto key placed there BY Microsoft FOR the NSA.(documented)
*I believe
*> Ben
*> > N. or Bernd E. has more info on that. Or is anyone else familiar with
*> that?
*>
*> Assuming that I'm Ben N, please don't drag my name into THAT
*sorry bucket or
*> rumour and innuendo. I did enough research into that issue to convince
*> myself that it's bunk
*
*If I am Bernd E. all i know about that NSA Key is the claim from MS which
*makes sence. The NSA Key in the Microsofts Products is to allow the
*verification of Crypto Provider Libs. Since you need to digitally
*sign those
*libs to load them into windows the NSA wanted to avoid asking MS
*for signing
*their crypto stuff if they want to install it on federal computers.
*
*Funny enough the NSA key can be replaced very easyly. so commercial
*companies selling crypto stuff are using the NSA key for years to install
*crypto providers without the needed signature from MS.
*
*This is all about makin NT encryption stronger, not waeker :)
*
*Greetings
*Bernd
*-
*[To unsubscribe, send mail to [EMAIL PROTECTED] with
*"unsubscribe firewalls" in the body of the message.]
*
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
