J._Andrés_Hall wrote: > Not really, because (in theory at least!) CryptoAPI CSPs > (Crypto Service Provider modules that implement the algos > offered by CryptoAPI) need to be digitally signed by Microsoft > in Redmond for your security and to keep the NSA from labelling > CryptoAPI as CWAH. Microsoft, in compliance with the NSA, > will only sign US CSP modules. Yeap. BUGTRAQ reported last month, that it's easy for a user to replace NSA key with his own key. This way anyone can sign a module. Regards, Mike ---- Michal Trojnara * +48 501 00 12 43 IT Security Officer * PTK Centertel ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]