[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Re: Doubt about CSP signing policy
From:       Laszlo Elteto <lelteto () RAINBOW ! COM>
Date:       2002-06-26 15:13:31
[Download RAW message or body]


It depends on how you check the other DLL(s) from your CSP. If you use
Microsoft's function (service) than Ms has to sign the other dlls as =
well.
If you use your own private key to sign them and use your own routine =
and
YOUR public key (embedded into your CSP) than obviously you have to =
sign.
It's your design choice. If you go with the second option you need to =
do
more work...

Laszlo Elteto
Fellow Scientist
Rainbow Technologies, Inc.

-----Original Message-----
From: SUBSCRIBE CryptoAPI Fernando [mailto:fbarranquero@SERMEPA.ES]
Sent: Wednesday, June 26, 2002 12:38 AM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Doubt about CSP signing policy


Hi,

I have a doubt about Microsoft's signing procedure when a CSP is =
composed
of more than one DLL.

In this case =BFdoes Microsoft sign all the DLL's that compose the CSP? =
or
=BFdoes Microsoft sign only the DLL that implements the CryptoSPI?.

I have heard comments in both ways and it is important for me to know =
this
for security and design reasons affecting my CSP.

Thanks in advance

Fernando

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM

[prev in list] [next in list] [prev in thread] [next in thread]