Re: Is Microsoft Violating Cryptography Export Restrictions

Rohit Khare (khare@w3.org)
Thu, 4 Sep 1997 02:01:05 -0400 (EDT)


The basic premise of crypto export control is that protecting our
assets is GOOD, hiding yours is BAD. Signatures and non-hiding
applications sail through the process. Financial transaction
protection sails through. Transfers to US-owned subsidaries under US
jurisdiction sails through.

The hard work here was engineering the MS crypto API so the RSA
function calls for signature can't be perverted into encrypting.
The trick is that the actual provider snap-in module for your
algorithm must be signed by Microsoft to be accepted by the OS.

Rohit