[117670] in Cypherpunks

home help back first fref pref prev next nref lref last post

Re: NSA key in MSFT Crypto API

daemon@ATHENA.MIT.EDU (K. M. Ellis)
Wed Sep 8 16:40:53 1999

Date: Wed, 8 Sep 1999 12:52:06 -0400 (EDT)
From: "K. M. Ellis" <protozoa@tux.org>
To: "David U." <davidu@electriciti.com>
cc: Lucky Green <shamrock@cypherpunks.to>,
        "cypherpunks@Algebra. COM" <cypherpunks@Algebra.COM>,
        "Cryptography@C2. Net" <cryptography@c2.net>,
        bugtraq@securityfocus.com
In-Reply-To: <003901bef634$923483c0$f493c1d0@david>
Message-ID: <Pine.LNX.4.10.9909081250330.20856-100000@gwyn.tux.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Reply-To: "K. M. Ellis" <protozoa@tux.org>

On Fri, 3 Sep 1999, David U. wrote:

> --Here's a question.  What proof is there that _NSAKEY means it was from the
> NSA?  Could it not stand for Network System Authority, just as LSA stands
> for Local System Authority?  I think something more conclusive is needed
> before we jump the gun.

You may be right, but I'd actually feel _better_ about this whole thing if
the NSA were harvesting and keeping keys than if MSFT was.  At least I can
be fairly certain that the NSA's databases are reasonably secure..not so
for MS.

(hardy har har)

    --------- K. Ellis -- KB3CWP  --  protozoa@tux.org  -------------
	Meddle not in the affairs of sysadmins, for they are quick
	 to anger and have not need for subtlety.
          http://www.tux.org/~protozoa -- Personal Page 
          http://www.privacy.org -- The Privacy News Portal
    -----------------------------------------------------------------


home help back first fref pref prev next nref lref last post