Also, see <a href="http://www.schneier.com/essay-198.html">http://www.schneier.com/essay-198.html</a><br>And yeah, I was talking about the NSA key.<br>Comrade Ringo Kamens<br><br><div class="gmail_quote">On Jan 2, 2008 4:24 PM, Nick Mathewson <
<a href="mailto:nickm@freehaven.net">nickm@freehaven.net</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="Ih2E3d">
On Wed, Jan 02, 2008 at 02:47:11PM -0600, Eugene Y. Vasserman wrote:<br>> Thus spake Ringo Kamens on Sun, 23 Dec 2007:<br>><br>> (snip)<br>> > Also, we know the NSA and DoJ have engaged in<br>> > this type of activity in the past such as "working" with Microsoft to
<br>> > secure vista and having their private key inserted into windows<br>> > versions so they could decrypt things.<br>><br>> I've heard of the Vista bit, but what are you referring to, as far as
<br>> having a decryption key for Windows stuff? I know they had one in...<br>> What was it? Lotus Notes?<br><br></div>He's probably referring to the "NSAKey" key in NT 4. For more<br>information, see
<br> <a href="http://en.wikipedia.org/wiki/Nsakey" target="_blank">http://en.wikipedia.org/wiki/Nsakey</a><br><br>It's a secondary code-signing key, allegedy to be used if their<br>primary code signing key needed to be revoked.
<br><br>If you believe Microsoft, the key was called "_NSAKEY" because it was<br>introduced in order to meet NSA requirements for a secondary key.<br>Naming things after the software or organization that requires them,
<br>rather than after their actual purpose, is not unusual for Microsoft:<br>Their office XML spec is littered with stuff like the notorious<br>AutoSpaceLikeWord95.<br><br>Personally, I don't believe that contemporary operating systems are so
<br>secure that the NSA would rather have security holes custom-built for<br>it instead of just using the ones that are already there.<br><br>peace,<br>--<br><font color="#888888">Nick<br></font></blockquote></div><br>