'Re: Cryptographic Instability and the MS Enhanced Provider'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Re: Cryptographic Instability and the MS Enhanced Provider
From:       Bill Brice <Bill.Brice () IDTRUST ! COM>
Date:       1998-07-28 15:29:24
[Download RAW message or body]


Sebastien,

It is my understanding Outlook 98 requires a CSP to be
of type 001 and fully compatible with the MS "Base" Provider.
As you are in France, if you have the Microsoft French version
you can't do encryption as it is generally prohibited in France
without a special permit. The MS Enhanced CSP in only available in
the US and Canada.

Bill Brice, Chief PKI Architect
International DataTrust

> -----Original Message-----
> From: Sebastien PERRET [mailto:perret@LOTUS.CISI.FR]
> Sent: Tuesday, July 28, 1998 2:41 AM
> To: CryptoAPI@DISCUSS.MICROSOFT.COM
> Subject: Re: Cryptographic Instability and the MS Enhanced Provider
>
>
> Hi,
>
> please can you answer those questions :
>
> Where can I find the Microsoft Enhanced Provider ?
> it was not installed on my computer with the standard
> application using
> security.
>
> Do you know which Provider type(s) is used by Outlook 98 ?
>
> I'm currently writing a CSP (just for testing csp's
> substitutability or
> addition ), is there a problem with
> setting up ANY CSP other that the MS Base Provider as the default Type
> 001 provider?
> It is recommended that a new CSP of  type 001 must be fully compatible
> with the PROV_RSA_FULL ,
> is it really unavoidable to operate another type of cryptography?
>
> Is there some hope that I can make outlook 98 use MY new CSP's type ?
>
>
> Thanks,
>
>     Sebastien PERRET
>     3, rue Le Corbusier
>     94578 Rungis
>     (France)
>
>
>
> Richard Harrington wrote:
>
> > The Microsoft Enchanced Provider is not completely backward
> compatible
> > with
> > the Microsoft Base Provider, essentially the problem lies
> in symmetric
> > key
> > sizes.  Therefore, it is possible that setting the
> Microsoft Enhanced
> > Provider as the default provider may cause problems.  In current
> > releases of
> > Internet  Explorer (IE) if the Microsoft Base Provider is
> the default
> > then
> > it is not possible to import large (greater than 512 bit) private
> > keys, this
> > will be fixed in future releases.  Setting the Microsoft Enhanced
> > Provider
> > to the default allows currently released versions of IE to
> imprt large
> > keys.
> > You can substitute other CSPs as the type 001, but that CSP must be
> > fully
> > compatible with the base provider.
> >
> > > -----Original Message-----
> > > From: Bill Brice [mailto:Bill.Brice@IDTRUST.COM]
> > > <mailto:[mailto:Bill.Brice@IDTRUST.COM]>
> > > Sent: Monday, July 27, 1998 10:19 AM
> > > To:   CryptoAPI@DISCUSS.MICROSOFT.COM
> > > Subject:      Cryptographic Instability and the MS
> Enhanced Provider
> >
> > >
> > > At a recent industry interoperability event, Microsoft developers
> > > responsible for certain client products which use CryptoAPI stated
> > that:
> > > If the MS Enhanced Provider is installed as the default
> > PROV_RSA_FULL
> > > (type 001) provider, it would leave the machine "cryptographically
> > > unstable". It was suggested that MS software expects to
> see the Base
> >
> > > Provider as the default and will use the Enhanced Provider for
> > certain
> > > functions, if present.
> > > However, a few months ago, Blair Dillaway stated on this list that
> > the
> > > enhanced provider could/should be enabled as the default Type 001
> > > provider, if installed.
> > > Which is correct, and is there a problem with setting up ANY CSP
> > other
> > > that the MS Base Provider as the default Type 001
> provider? Thanks.
> > > Bill Brice, Chief PKI Architect
> > > International DataTrust
> > >
> > > ----------------------------------------------------------------
> > > Users Guide http://www.microsoft.com/workshop/essentials/mail.asp
> > > contains important info including how to unsubscribe.  Save time,
> > search
> > > the archives at http://discuss.microsoft.com/archives/index.html
> >
> > ----------------------------------------------------------------
> > Users Guide http://www.microsoft.com/workshop/essentials/mail.asp
> > contains important info including how to unsubscribe.  Save time,
> > search
> > the archives at http://discuss.microsoft.com/archives/index.html
>
> ----------------------------------------------------------------
> Users Guide http://www.microsoft.com/workshop/essentials/mail.asp
> contains important info including how to unsubscribe.  Save
> time, search
> the archives at http://discuss.microsoft.com/archives/index.html
>

----------------------------------------------------------------
Users Guide http://www.microsoft.com/workshop/essentials/mail.asp
contains important info including how to unsubscribe.  Save time, search
the archives at http://discuss.microsoft.com/archives/index.html

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic