David W. Morris | 13 Sep 1996 04:11

Re: Off topic - DLL security


On Thu, 12 Sep 1996, Hamilton, Ed  <at>  OTT wrote:

> 
> Hi Dave,
> 
>      The fact that you have a product in existence is a good thing.  It 
> indicates a need for this technology and it indicates a need for 
> standardization of this technology.  The next step is to get a standard in 
> place so that this technology can be used in each and every circumstance 
> that may be applicable.

Well, standards are useful when interoperability is needed. In this case,
what might be needed is a new API from the platform vendor. In my case, 
what I described is my application of an approach recommended by our
secure payment technology/service vendor. My adaptation was simply to
force a correlation between the DLL actually loaded by win/95 and the
dll I validate using their MD5 library and verification routine.

So I think this could be added to a security issues chapter of someone's
book but it doesn't deserve collective effort.

Peter Williams | 13 Sep 1996 19:08

RE: FW: Off topic - DLL security

Microsoft does indeed claim to use signatures and tamperproof
loading implementation technology to control loading of a crypto DLL. However,
this seems to be an exception to the design being advanced
for the commercial market:

The general tendency seems to be that DLL (or any other content type)
is evaluated at *introduce/install* time as to whether its behaviour (upon loading) or
mere existence (in the system) would negatively impact the continuing accreditation
of a host system to be operating at level C2 (or other level).

----------
From: 	Hamilton, Ed  <at>  OTT
Sent: 	Thursday, September 12, 1996 8:13 AM
To: 	dave horvath
Cc: 	chandras; ietf-pkix
Subject: 	Re: FW: Off topic - DLL security

Hi Dave,

     I would love to use a trusted operating system, however, it would 
basically be a waste of money, in the sense that the software that I need to 
run on it is Commercial and not certifiable on a B2 system.
     For the end-user platforms, we have been mandated to find a way to 
implement the required security on a C2 platform (namely Windows NT). 
 However, at the same time we must address the issues of I&A from our 
applications to the user and to a PCMCIA card.  We must also ensure the 
integrity of the label generated by our software to ensure that it gets to 
the PCMCIA card without modification.
     So, we need partially C2 certified application software.  One way for 
us to get there is to utilize static linked libraries, but commercial 

Tom Johnston | 13 Sep 1996 20:30

RE: FW: Off topic - DLL security

>Microsoft's winverifytrust() api is directly to the purpose of providing .dll
>security.  You can find information on it at
>http://www.microsoft.com/intdev/security/misf8_2.htm.  We provide both a
>signing format and a model for writing your own code verification policies.
>
>The signature format is the standard PKCS#7 SignedData structure with some
>additional published attributes. There's a set of libraries and tools
>for signing a DLL with your own key, inserting the signature directly into
>the DLL along with any relevant certificates, and parsing and verifying the
>signature.

>The thorny problem is who calls the API.  Authenticode calls it at
>installation; you could certainly write an agent that would call the API at
>other times, though this might require hooking system services.

	-TJ

>----------
>From: 	Peter Williams[SMTP:peter <at> verisign.com]
>Sent: 	Friday, September 13, 1996 10:08 AM
>To: 	dave horvath; 'Hamilton, Ed  <at>  OTT'
>Cc: 	chandras; ietf-pkix
>Subject: 	RE: FW: Off topic - DLL security
>
>Microsoft does indeed claim to use signatures and tamperproof
>loading implementation technology to control loading of a crypto DLL.
>However,
>this seems to be an exception to the design being advanced
>for the commercial market:
>
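Added example, not part of any message in this thread: a Python sketch of where the embedded signature Tom Johnston describes sits inside a DLL, using the certificate table layout of the PE/COFF format as documented today. The names `find_embedded_signatures` and `build_sample` are hypothetical, and the sample image is constructed; the code only locates the PKCS#7 blob and does not verify it, which is the job of a verifier such as WinVerifyTrust.

```python
import struct

SECURITY_DIR = 4                  # IMAGE_DIRECTORY_ENTRY_SECURITY
WIN_CERT_REVISION_2_0 = 0x0200
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002

def find_embedded_signatures(pe: bytes):
    """Return [(revision, cert_type, blob)] from a PE file's certificate table."""
    if pe[:2] != b"MZ" or len(pe) < 0x40:
        raise ValueError("not an MZ image")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = e_lfanew + 24           # skip 4-byte signature and 20-byte COFF header
    try:
        (magic,) = struct.unpack_from("<H", pe, opt)
        dirs = opt + {0x10B: 96, 0x20B: 112}[magic]   # PE32 / PE32+
        (count,) = struct.unpack_from("<I", pe, dirs - 4)
        if count <= SECURITY_DIR:
            return []
        offset, size = struct.unpack_from("<II", pe, dirs + 8 * SECURITY_DIR)
    except (KeyError, struct.error):
        raise ValueError("truncated or unknown optional header")
    if size == 0:
        return []                 # unsigned image
    # For this one directory the "address" is a file offset, not an RVA.
    if offset + size > len(pe):
        raise ValueError("certificate table runs past end of file")
    found, pos, end = [], offset, offset + size
    while pos + 8 <= end:
        length, revision, ctype = struct.unpack_from("<IHH", pe, pos)
        if length < 8 or pos + length > end:
            raise ValueError("malformed WIN_CERTIFICATE entry")
        found.append((revision, ctype, pe[pos + 8:pos + length]))
        pos += (length + 7) & ~7  # entries are 8-byte aligned
    return found

def build_sample(blob: bytes) -> bytes:
    """Constructed headers-only PE32 image carrying one certificate entry."""
    entry = struct.pack("<IHH", 8 + len(blob), WIN_CERT_REVISION_2_0,
                        WIN_CERT_TYPE_PKCS_SIGNED_DATA) + blob
    entry += bytes(-len(entry) % 8)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 92, 16)                    # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, 0x40 + 248, len(entry))
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x2000)
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    return dos + b"PE\0\0" + coff + bytes(opt) + entry
```

Finding a blob here says nothing about whether it is valid or trusted; an image whose table is empty, truncated or malformed should be treated as unsigned by whatever agent performs the check.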

Peter Williams | 13 Sep 1996 22:17

RE: FW: Off topic - DLL security

Tom,

Thanks for the clarification - that the various Windows 
system security services are themselves usable by third parties IN ANY manner
designers/developers may wish - to provide whatever controls are desired.

I have personally only the highest respect for Microsoft's
development and mass deployment of the missing
security infrastructure pieces, and (FURTHERMORE) the
architecting of their components such that they can
be used in many different ways. We have waited for
so long!

To agree with something MS said recently, MS has
now done the grunt work of signatures and certs programming, ASN.1
fiddling (now, fortunately, all hidden!), and provided high-level language
programming of these constructs enabling access by anyone capable of
programming Basic and using the web. Now the community at large
can go build security controls of whatever nature it wishes -
upon the cross-vendor/cross-O/S platform.

Whilst we as a community (which clearly now
integrates Microsoft's contribution) have now solved a big
piece of the infrastructure bootstrap problem by
agreeing the standards, and having a major vendor like
MS deploy a conforming implementation widely and freely
in a developers framework, we perhaps now need to
concentrate on the promotion of "good ways" to
use the various mechanisms. Goodness, of
course, is rather subjective.

Michael S Baum | 15 Sep 1996 20:02

meeting notice

FYI...

==========================================================
                       MEETING NOTICE
==========================================================

                       Please correspond with:
                                Michael S. Baum, Esq.
                                33 Tremont Street
                                Cambridge, MA  02139-1227  USA
                                V: +1 617.661.1234
                                F: +1 617.661.0716
                                E: michael <at> verisign.com

Subject:     INFORMATION SECURITY COMMITTEE MEETING NOTICE

Dear Committee Member:

You are cordially invited to participate in a meeting of the Information
Security Committee, Section of Science & Technology, American Bar
Association, on Friday/Saturday, October 18-19, 1996, in Boston.  The
Committee will advance its development of commercial key escrow guidelines
as well as consider digital signature legislative initiatives in the
several States and other jurisdictions, and continue its consideration of
digital signature evidence and liability. 

Consistent with Section policy, ISC meeting participants MUST be members
of both the ABA and the ABA Section of Science and Technology.  Please
contact Ann Kowalsky, Manager Section of Science & Technology, at ABA
offices in Chicago by phone: +1 312.988.5599, fax: +1 312.988.5628, or

Stephen Kent | 15 Sep 1996 23:28

Re: FW: Off topic - DLL security

Ed,

        I doubt that PKIX will address any of the details of the topics you
raised.  We are working on certification infrastructure standards issues.
The security of the interface between application software and a crypto
token is a local issue, that depends on the OS, the token, etc.  Digitally
signing software may be of some use in this context, but it probably is not
a panacea and it also is not within the scope of the WG.

Steve

Bill Buffam | 16 Sep 1996 15:18

Re: FW: Off topic - DLL security

>As the S/MIME community is discovering, one can take
>the MS security mechanism, and bundle them
>together in such a manner as to enhance the
>opportunities of fraud!

Really? I must have missed something. Can you expand on this?

-- 

Bill Buffam
Unisys, Malvern PA
bjb <at> trsvr.tr.unisys.com

Branislav Meandzija | 16 Sep 1996 20:59

Call for Papers - Global Internet - IEEE Communications Magazine

CALL FOR PAPERS
                IEEE COMMUNICATIONS MAGAZINE
           SPECIAL ISSUE ON THE GLOBAL INTERNET

The IEEE Communications Magazine is soliciting original
tutorial-style manuscripts for a planned Special Issue on
the Global Internet. From its origins as a US government
research project, the Internet has grown to become a major
component of the global world-wide network infrastructure,
linking millions of machines and tens of millions of users
around the world. If the Internet were a stock it would be
considered a market phenomenon, with sustained double-digit
growth and no apparent end in sight to its upward spiral. 

Over 70 countries have full TCP/IP Internet connectivity, 
and about 150 have at least e-mail services through IP or
via more limited means of connectivity (e.g., UUCP or Fidonet).

Given such phenomenal growth, the Global Internet is increasingly
viewed as the catalyst for a communications revolution resulting
in a plethora of new technological, economic, and social changes.
The focus of the special issue is on the technologies of the 
Internet, the technological changes driven by the emergence of
a truly Global Internet, and collateral economic and social 
issues. Papers are solicited on the following specific subjects:

        * Internet Applications - information retrieval,
         directory services, catalogs, search tools and
         user agents; electronic publishing; education;
         www; languages; collaborative work environments.

Kaye Caldwell | 19 Sep 1996 18:10

** 9/24 Ca. Dig. Sig. Working Group Meeting **

Apologies for duplicates - some of you I'm sure are on multiple notice lists
for this.

California Digital Signature Regulations Working Group
sponsored by the Software Industry Coalition and CommerceNet

THIS MEETING IS OPEN TO ANYONE WHO WISHES TO ATTEND
However, please let me know if you will be attending via e-mail to:
kaye <at> ix.netcom.com

WHEN: Tuesday September 24, 1-4 PM
WHERE: Sun Microsystems, 901 San Antonio Rd, (Building PAL-1)
              (corner of  S. A. & Charleston, just off 101), Palo Alto
              Cancun Conference Room, 2nd Floor 

AGENDA 

I. Report on status of Secretary of State's Task Force 
     - request for demos of technology in Sacramento
II. Review of draft of our principle 1, suggestions for additional principles
III. Review of current draft of outline of regulations
IV. Review of draft Digital Signature Acceptance Procedures background paper
V. Draft language for additional technologies

For more information, e-mail Kaye Caldwell at kaye <at> ix.netcom.com or call
408-479-8743.

Kaye Caldwell
Software Industry Coalition Policy Director
CommerceNet Advocacy and Public Policy Committee Chair

Tom Johnston | 19 Sep 1996 18:46

announce: CryptoAPI 2 developers' release

>CryptoAPI 2 gives developers the ability to incorporate certificates in
>applications, and removes much of the work of dealing with encapsulation
>and encoding.  It incorporates all of the cryptography present in CryptoAPI 1
>(key generation, key management, key exchange, encryption and decryption,
>hashing, signing and signature verification).  CryptoAPI 2 can be called from
>Java, Visual Basic, VB Script, and C/C++.  It supports X.509, ASN.1, and
>PKCS 7.
>
>For more information, check out http://www.microsoft.com/intdev/security.  It
>includes presentations on topics such as CryptoAPI 2, Secure Channel
>Services (SSL, etc), the Microsoft Certificate Server, Personal
>Information Exchange, Smart Cards and more.  It also includes the CryptoAPI 2
>developers' release (.dll's, documentation, sample applications and source
>code), WinInet and WinSock 2 interfaces allowing developers to use
>Microsoft's implementation of SSL rather than rolling your own.
>
>To give us feedback, or to participate in discussions about CryptoAPI 2,
>please subscribe to the CryptoAPI mailing list:
>
>write to LISTSERV <at> LISTSERV.MSN.COM
>and, in the text of your message (not the subject line), write:
>
>SUBSCRIBE CryptoAPI John Doe
>
>substituting your own name of course.
>
>-TJ

