[117538] in Cypherpunks
Re: IP: two more on NSA KEy one from Spafford and one from MS
daemon@ATHENA.MIT.EDU (William H. Geiger III)
Sun Sep 5 09:54:15 1999
Date: Sun, 5 Sep 1999 09:40:30 -0400
Message-Id: <199909051340.JAA06073@domains.invweb.net>
From: "William H. Geiger III" <whgiii@openpgp.net>
To: Multiple recipients of list <cypherpunks@openpgp.net>
Reply-To: "William H. Geiger III" <whgiii@openpgp.net>
In <v04210137b3f8117fb59c@[204.167.100.144]>, on 09/05/99
at 09:05 AM, Robert Hettinga <rah@shipwright.com> said:
>Well, it is always easier to believe a conspiracy theory or dark designs.
>However, there may be alternative explanations.
I have an alternative theory that the M$ spin doctors are sure not to
bring up:
What if the CAPI keys are being used for things other than signing code?
Here is the scenario:
You want a back door built into the system, either at the OS level,
network level, and/or application level but you don't want anyone but
yourself to be able to use it? What better way to do so than to make use
of PK authentication.
Why 2 keys? Well M$ is smart enough to know not to give out their private
key so they install a second key. Perhaps the second key will allow only a
subset of the control & snooping functionality that the M$ primary key
does.
Why a 3rd key in Winbloat 2000? A key for the FBI perhaps? After all
wouldn't expect the NSA & the FBI to be sharing now would we?
The real security issue here is that no one knows what M$ is doing with
their code. What we do know is that they have shown their incompetents
every time a security issue presents itself.
--
---------------------------------------------------------------
William H. Geiger III http://www.openpgp.net
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii
Hi Jeff!! :)
---------------------------------------------------------------