[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Re: Usefully Exporting Keys
From:       Samuel James Liddicott <sam () CAMPBELLSCI ! CO ! UK>
Date:       1998-01-26 15:53:25
[Download RAW message or body]


-----Original Message-----
From: Alan Braggins <armb@NCIPHER.COM>
To: CryptoAPI@DISCUSS.MICROSOFT.COM <CryptoAPI@DISCUSS.MICROSOFT.COM>
Date: 26 January 1998 11:55
Subject: Re: Usefully Exporting Keys


>You might want to read
>http://www.cs.auckland.ac.nz/~pgut001/pubs/breakms.txt
>"How to recover private keys for Microsoft Internet Explorer,
>Internet Information Server, Outlook Express, and many others"


Gosh!  Is it even worth me pressing on with the S/MIME experiment here?
It seems like the whole scheme is nothing better than:

"Oh, Mr Director, its MOST CERTAINLY secure, unless a hacker gets you -
which nobody wil believe and you'll get the blame"

to the old fashioned "No its not secure and we all know it."

Which is really the most secure?  The former is more secure in that it is
harder to spoof, but less secure in that the spoof will be trusted.

Sam Liddicott                   |   Nothing I say is to be attributed as |
Campbell Scientific Ltd.        | a company statement or representation. |
Campbell Park, 80 Hathern Road, *----------------------------------------+
Shepshed, Leic. United Kingdom. LE12 9AL        Phone: +44 (0) 1509 601141
Email: sam@campbellsci.co.uk                    Fax:   +44 (0) 1509 601091

----------------------------------------------------------------
Users Guide http://www.microsoft.com/sitebuilder/resource/mailfaq.asp
contains important info including how to unsubscribe.  Save time, search
the archives at http://microsoft.ease.lsoft.com/archives/index.html

[prev in list] [next in list] [prev in thread] [next in thread]